[dns-operations] Too Open (Was: OpenDNS makes your Internet work better
Brad Knowles
brad at stop.mail-abuse.org
Fri Jul 14 17:20:56 UTC 2006
At 7:57 AM -0400 2006-07-14, John Payne wrote:

> UltraDNS muddies the water somewhat by having different overlaps
> points between different clouds, which may or may not lead to the
> failure mode you're both describing. If it does, that is a failure
> of UltraDNS's deployment, NOT a failure of anycast.

They also didn't (don't?) advertise enough service addresses, each of
which is supposedly served by a unique anycast cloud. The real
killer is the combination of poorly overlapping anycast clouds and
insufficient numbers of service addresses, when one of those pods
goes down but doesn't get the route advertisement withdrawn.

Now, I'm willing to concede that maybe UltraDNS has improved their
situation by providing more service addresses. However, I am not yet
convinced that -- even today -- the number of service addresses they
are advertising is sufficient. Moreover, so long as all of those
service addresses continue to be provided only via anycast clouds, I
believe that they're likely to run into the same kinds of problems
sooner or later.

But the real discussion here is not about what UltraDNS did (or is
doing), but what OpenDNS is doing. And they definitely aren't
offering enough service addresses. Worse, given the nature of
/etc/resolv.conf and the kind of service that they're offering, I
don't know that it will be physically possible for them to resolve
this issue.

> All of the root servers could be anycasted and as long as they don't
> all show up at the same NAPs, you still have the redundancy you see
> today with a mix.

Not true. By having a mix of anycast and unicast service addresses,
at least those unicast service sites don't have the problem of being
dependent on the routing advertisement needing to be withdrawn if the
pod should go down.

By removing that dependency on an apparently somewhat unreliable
process, and ensuring that at least some of the advertised routes
cannot possibly all collapse to the same pod, you enhance the overall
reliability of the entire system.

--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
Founding Individual Sponsor of LOPSA. See <http://www.lopsa.org/>.
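
The failure mode discussed in this message, as an added example that is not part of the original post: a toy model of which service addresses still answer from one client network when a pod is down with its route withdrawn versus down with the route still advertised. The topology, the pod and address names, and the `answering` function are all constructed assumptions.

```python
"""Toy model: which service addresses still answer from one client network."""

# Constructed topology. Each anycast address lists, per client network, the
# pods in routing preference order. From "eu-isp" both clouds prefer the same
# pod ("ams"): the poorly overlapping clouds case.
ANYCAST = {
    "ns1": {"eu-isp": ["ams", "nyc"], "us-isp": ["nyc", "ams"]},
    "ns2": {"eu-isp": ["ams", "sjc"], "us-isp": ["sjc", "ams"]},
}
UNICAST = {"ns3": "lon"}  # constructed: one address pinned to a single site


def answering(client, stale=(), withdrawn=(), anycast=ANYCAST, unicast=None):
    """Return the service addresses that answer queries from `client`.

    stale:     sites that are down but whose route is still advertised
    withdrawn: sites that are down and whose route has been withdrawn
    """
    ok = []
    for addr, prefs in anycast.items():
        # Routing only skips pods whose advertisement is gone.
        routed = [pod for pod in prefs[client] if pod not in withdrawn]
        # Traffic follows the first routed pod; a stale pod blackholes it.
        if routed and routed[0] not in stale:
            ok.append(addr)
    for addr, site in (unicast or {}).items():
        # A unicast address fails only when its own site is down.
        if site not in stale and site not in withdrawn:
            ok.append(addr)
    return ok


if __name__ == "__main__":
    print("ams withdrawn:", answering("eu-isp", withdrawn=["ams"]))
    print("ams stale    :", answering("eu-isp", stale=["ams"]))
    print("ams stale + unicast ns3:",
          answering("eu-isp", stale=["ams"], unicast=UNICAST))
```
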