[dns-operations] Too Open (Was: OpenDNS makes your Internet work better
Ondřej Surý
ondrej.sury at nic.cz
Fri Jul 14 13:36:33 UTC 2006
On Thu, 2006-07-13 at 22:12 -0700, brett watson wrote:
> On Jul 13, 2006, at 9:28 PM, Ondřej Surý wrote:
>
> > This situation can be easily prevented by having more than 6 clusters
> > and not advertising all 6 /24 via BGP in all clusters at the same
> > time.
>
> all of the ultra /24s are *not* advertised from all nodes. and there
> are more than 6 "clusters", as you call them.
Then I see no problem with this setup. And I don't see any problem with
all-anycast setup.
BTW I don't see this behaviour any more here atm, now I also see 2 /24.
It could be easily my mistake yesterday (it was too late).
Anyway personally I would combine more than 2x /24 in set of nameservers
just to even more minimise risk. But if it cannot happen that all
ultra /24s are advertised from one node, than I don't see any problem
with this setup at all.
Ondrej.
--
Ondřej Surý
technický ředitel/Chief Technical Officer
-----------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Americká 23,120 00 Praha 2,Czech Republic
mailto:ondrej.sury at nic.cz http://nic.cz/
sip:ondrej.sury at nic.cz tel:+420.222745110
mob:+420.739013699 fax:+420.222745112
-----------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5888 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060714/14b75bbf/attachment.bin>
More information about the dns-operations
mailing list