[dns-operations] Anycast vs. unicast NS

Shane Kerr shane at isc.org
Fri Mar 18 10:13:32 UTC 2011


On Thu, 2011-03-17 at 17:47 +0100, Jaroslav Benkovský wrote:
> Speaking of anycast deployment, has anybody observed problems with
> having *all* authoritative servers in anycast cloud(s)?
> 
> We are considering switching off the last non-anycasted servers for the
> .CZ zone, and actual experience of other TLDs would be welcome.
> 
> We do not see significant amount of queries to the unicast servers, on
> the other hand our experiments suggest that unicast servers have better
> chance to be reachable from networks with problematic routing.

IIRC, all of Afilias' authoritative servers are anycast these days, and
that covers ORG, INFO, and a slew of ccTLD and a handful of other gTLD.

Other than the usual problems with anycasting in general (where *did*
that query hit, whoops one of the hosts at node X is behind, and so on)
I can't think of any special problems with such a setup.

Having a fewer number of entries in your NS RRSET and making those
highly anycast should result in a better user experience than having
more unicast servers. This is because resolvers don't have to go through
as much pain figuring out the best RTT, as the routing system has
already done that work.

It's magic! And you are probably better off not having unicast at
all. :)

--
Shane




More information about the dns-operations mailing list