[dns-operations] Too Open (Was: OpenDNS makes your Internet work better
brett watson
brett at the-watsons.org
Fri Jul 14 04:28:13 UTC 2006
On Jul 13, 2006, at 9:20 PM, Nicholas Suan wrote:
> On 7/13/06, brett watson <brett at the-watsons.org> wrote:
>
>>
>>> In the root zone, (I use it
>>> as an example since some of the nodes are anycasted) if one server
>>> times out, it's no problem for a resolver to go and check another
>>> instance of the root, which will most likely be located someplace
>>> that
>>> isn't malfunctioning.
>>
>> by "instance of the root" do you mean "an instance of the same root
>> server" or do you mean "another root server"?
>>
>
> Assuming that the resolver was coded in a sane fashion, another root
> server; they should all contain the same data.
but in a properly configured anycast environment (f-root, k-root, and
ultra come to mind), there's no need to go to "another root server"
because another instance of the anycast prefix would be followed to
the next closest instance of that same root server.
i suppose in a very tight timing window, if i send a query to k-root
(anycasted) and the closest node goes down between the time i make my
query and the time the anycast prefix gets removed from global
routing, then i would timeout. that seems like an outside case though.
-b
More information about the dns-operations
mailing list