[dns-operations] Do Unix stubs round robin nameserver addresses?
Roland Dobbins
rdobbins at arbor.net
Fri Apr 17 22:53:40 UTC 2015
On 18 Apr 2015, at 5:44, Chuck Anderson wrote:
> 2. Use anycast to make your multiple DNS servers appear as one IP, and
> put that one IP in /etc/resolv.conf. You can have multiple IPs,
> but each one should still be anycasted.
The problem with using only one IP is that if someone accidentally
fat-fingers an ACL or a routing statement or a firewall rule or
whatever, all recursive DNS is hosed.
So, anycasting *two* IP addresses (on differing netblocks) is probably
warranted.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the dns-operations
mailing list