Too Open (Was: OpenDNS makes your Internet work better

John Payne
Wed Jul 19 12:27:40 UTC 2006

On Jul 19, 2006, at 1:49 AM, Florian Weimer wrote:

> * John Payne:
>> On Jul 14, 2006, at 1:20 PM, Brad Knowles wrote:
>>> Not true.  By having a mix of anycast and unicast service
>>> addresses, at least those unicast service sites don't have the
>>> problem of being dependent on the routing advertisement needing to
>>> be withdrawn if the pod should go down.
>> What happens to the packets for the down unicast server?
> They cease to be sent. 8-) AFAIK, most DNS resolvers keep track of which
> servers are down (or are lame) and query them only occasionally, to
> see if the problem still persists.  Some of them even store the RTT.
> You can't do such optimizations at the application level if all name
> servers are hidden behind very few anycast addresses.

(Removing Brad as he said he'd unsubscribed...)

OK, so if you're "closer" to a broken anycast server, how does your  
nameserver know that it's anycast, not unicast?

You snuck in "very few" into the anycast side of the argument.  It  
seems common that people assume that anycast == fewer NS records.   
That's a completely different situation.
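
The per-server bookkeeping discussed in this exchange can be sketched as follows. This is an added example, not code from the thread or from any particular resolver: the penalty, decay and smoothing constants are assumptions, and the addresses are constructed from documentation ranges. The table is keyed by address only, so a dead unicast server and an anycast address whose nearest node is broken get exactly the same treatment.

```python
# Added illustration: a simplified model of per-address server selection in a
# recursive resolver. Not the algorithm of any particular resolver; the three
# constants below are assumptions chosen for the demonstration.
PENALTY_MS = 2000.0  # SRTT assigned to an address after a timeout
DECAY = 0.9          # applied to every address that was not just queried
ALPHA = 0.3          # weight of a new RTT sample in the smoothed value


class ServerTable:
    def __init__(self, addresses):
        # The only key is the address; nothing says unicast or anycast.
        self.srtt = {addr: 0.0 for addr in addresses}

    def pick(self):
        return min(self.srtt, key=self.srtt.get)

    def record(self, addr, rtt_ms):
        """Update state after a query; rtt_ms is None when it timed out."""
        if rtt_ms is None:
            self.srtt[addr] = PENALTY_MS
        elif self.srtt[addr] == 0.0:
            self.srtt[addr] = rtt_ms
        else:
            self.srtt[addr] = (1 - ALPHA) * self.srtt[addr] + ALPHA * rtt_ms
        # Decay the others so a penalised address is eventually probed again.
        for other in self.srtt:
            if other != addr:
                self.srtt[other] *= DECAY


def simulate(view, queries):
    """view maps address -> RTT in ms from this resolver, or None if dead."""
    table = ServerTable(view)
    counts = dict.fromkeys(view, 0)
    for _ in range(queries):
        addr = table.pick()
        counts[addr] += 1
        table.record(addr, view[addr])
    return counts


# Constructed view from one resolver (documentation address ranges).
VIEW = {
    "192.0.2.1": None,     # unicast server that is down
    "198.51.100.1": None,  # anycast address whose nearest node is broken
    "203.0.113.1": 40.0,   # healthy unicast server
}

if __name__ == "__main__":
    print(simulate(VIEW, 200))
```

Both dead addresses end up with only a handful of probe queries out of 200, and the rest go to the address that answers.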

