[dns-operations] Too Open (Was: OpenDNS makes your Internet work better

Matt Pounsett matt.pounsett at cira.ca
Fri Jul 14 14:56:36 UTC 2006


On 14-Jul-2006, at 06:19 , Brad Knowles wrote:

> This is the key point I'm trying to get across -- IMO, deploying only
> anycast addresses for a given service is unwise, as it leads to the
> risk where all the packets being sent to those addresses wind up at a
> site that may be topologically closer but may also be broken.

You seem to be assuming that all nodes in an anycast environment  
answer to all anycasted addresses.  As far as I'm aware, this is only  
true for the anycasted root servers (where there is only one address  
per managing org).  For all other anycasted zones, putting all  
addresses on all nodes correlates to having multiple addresses on a  
single server in a unicast environment, and would be just as unwise.

Perhaps this was the case for some Ultra nodes in the past.. I don't  
know.  But, if that was the case, it was a problem with  
implementation and not with anycast itself.

Matt


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20060714/1f1fd58a/attachment.sig>


More information about the dns-operations mailing list