[dns-operations] Too Open (Was: OpenDNS makes your Internet work better

[Brad Knowles]

At 9:49 PM +0200 2006-07-14, Per Heldal wrote:

>       From your angle, given the use of minimum 2 independent providers
>  to host every zone, what do I loose if all listed nameserver (ns >= 2)
>  use anycast?

I've already said what I'm going to say on this thread.  If I haven't 
made my point clear to you by now, I don't think that there's any 
hope of being able to do so in the immediate future.

That's probably my fault, but I don't think it matters.  At this 
point, I think it's best to just drop the whole subject.


Clearly, I need to learn more about routing terminology before 
attempting any further discussion of these topics.

However, nothing I've looked at so far has convinced me that there is 
not a serious issue here for organizations that do not provide an 
adequate number of anycast service addresses, and do not distribute 
these service addresses across a suitable number of distinct and 
independent topographical locations.


This was my point about what we're currently seeing from OpenDNS, and 
I used the example of problems we had witnessed previously with 
UltraDNS to support that.  Unfortunately, we got dragged down a 
rathole on the UltraDNS issues.

But regardless of whether or not UltraDNS has been able to address 
their problems and come up with an appropriate solution, I remain 
convinced that because of the nature of /etc/resolv.conf and the 
typical limitations of the resolver only paying attention to three 
addresses listed in that file, OpenDNS will face insurmountable 
obstacles in trying to do the same.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  Founding Individual Sponsor of LOPSA.  See <http://www.lopsa.org/>.