[dns-operations] All NSs for a TLD being in the TLD itself

Warren Kumari warren at kumari.net
Fri Oct 25 17:49:56 UTC 2013

On Oct 25, 2013, at 1:33 PM, Edward Lewis <ed.lewis at neustar.biz> wrote:

> Randy,
> On Oct 25, 2013, at 9:45, Randy Bush wrote:
>> the ip address clumping would worry me if i thought they were not anycast.
> Anycast or not, I wouldn't think this is a problem.  Meaning, I don't see why this would be a problem with unicast.  Assuming that (for v4) the /24's are independently routed, it wouldn't matter if the numbers are numerically close or not.

Well, it *might* -- having a wider separation of addresses (and multiple AS#) reduce the risk of someone accidentally misconfiguring an ACL and blocking access….

Lets say your space is and -- it's possible that someone intending to ACL and makes a booboo and ACLs off instead of While this sound alike a theoretical / unlikely issue, it *does* happen -- ask me how I know…


> I ask because I might be missing something.  And assuming it's a given that to an external endpoint, anycast is indistinguishable to unicast.  I can't tell if that's two routes to a multi-homed LAN or two routes that diverge geographically.
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis             
> NeuStar                    You can leave a voice message at +1-571-434-5468
> There are no answers - just tradeoffs, decisions, and responses.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

She'd even given herself a middle initial - X - which stood for "someone who has a cool and exciting middle name".

    -- (Terry Pratchett, Maskerade)

More information about the dns-operations mailing list