[dns-operations] Too Open (Was: OpenDNS makes your Internet work better

John Payne john at sackheads.org
Fri Jul 14 04:48:34 UTC 2006

On Jul 14, 2006, at 12:43 AM, Nicholas Suan wrote:

> On 7/13/06, brett watson <brett at the-watsons.org> wrote:
>>> Assuming that the resolver was coded in a sane fashion, another root
>>> server; they should all contain the same data.
>> but in a properly configured anycast environment (f-root, k-root, and
>> ultra come to mind), there's no need to go to "another root server"
>> because another instance of the anycast prefix would be followed to
>> the next closest instance of that same root server.
> That's what was supposed to happen, however in the spefic case we're
> talking about, it didn't. That's not an anycast-only problem, anycast
> only really made it harder to debug. The DNS resolver doesn't know
> which servers are anycased and which aren't so there's no way for it
> to behave any differently when a request to an anycasted server fails
> as opposed to a request to a regular one.

Huh?  It's not supposed to behave any differently.  A failure of an  
anycasted server that does not withdraw it's routes is IDENTICAL to  
PART of the world to the failure of a unicasted server.  To the rest  
of the world... "what failure?"

A failure of an anycasted server that does withdraw it's routes....  
"what failure?"  (After a little route convergence).

More information about the dns-operations mailing list