[dns-operations] Too Open (Was: OpenDNS makes your Internet work better
Nicholas Suan
nsuan at nonexiste.net
Fri Jul 14 04:55:59 UTC 2006
On 7/13/06, brett watson <brett at the-watsons.org> wrote:
>
> you seem stuck on the concept that "ultrdns had only TWO
> authoritative name servers listed for .org" when in fact the number
> of authoritative servers listed for a zone in an anycast environment
> has *no* bearing on how many resolvers are actually active and able
> to resolve queries.
>
It's not any of those seperaly, it's both taken together that was the problem:
UltraDNS had two NS records for org.
UltraDNS also had two 'pods' fail simultaneously, in such a way that
they continued to advertise the prefix without being able to respond
to queries.
In some parts of the internet, the area serviced by these two pods
overlapped, causing a complete outage.
Had there been more NS records, and no overlap of address space being
serviced by the pods, the failure of the two pods would not have been
a problem as the number of available nameservers would have been
greater than the number of failed pods.
More information about the dns-operations
mailing list