[dns-operations] anycasting for fun and profit

Mike Jones mike at mikejones.in
Tue Oct 16 13:46:01 UTC 2012


On 16 October 2012 13:51, Patrick W. Gilmore <patrick at ianai.net> wrote:
> On Oct 16, 2012, at 08:33 , paul vixie <paul at redbarn.org> wrote:
>
>> dns anycasting can also be done solely with provider-assigned space and
>> no ASN of your own. for ISC we have three anycast clouds, one for f-root
>> which has its own prefix and its own ASN, one for our public benefit
>> secondary service which has its own prefix adjacent to f-root, and one
>> for our commercial secondary service which uses provider-assigned
>> address space for each named server.
>>
>> the advantage to using provider-assigned space is that the global
>> routing table carries no separate burden on your behalf. i call this
>> "green networking" since it's more ecologically friendly. the
>> disadvantage is that if you want to change providers you have to
>> renumber. renumbering in this case isn't all that painful since you are
>> in control of the NS target name. there's a description at
>> <http://www.isc.org/solutions/sns-anycast>.
>
> This works, although it limits your anycast nodes to a single provider.
>
> While there is nothing wrong with single-provider anycast, I would argue having anycast instances in multiple providers is beneficial.

For an anycast DNS setup you'd probably want 2 separate instances with
different nodes on each so you still have diverse reachability. For a
setup small enough to be using PA space they are probably also small
enough to only be deploying 2 global anycast clouds.

3 problems solved, easy IP space, multiple anycast clouds, diverse reachability.

Unfortunately it does add 1 problem to the list in exchange: if you do
change one of those providers then yes you can update
ns2.yourdomain.com to the new addresses, but what about the hassle to
customers who want to use ns2.theirdomain.com and need to be told to
manually update it every time? This may or may not be a problem.

- Mike


