[dns-operations] anycasting axfr

Anand Buddhdev anandb at ripe.net
Tue Apr 18 13:39:48 UTC 2017


On 18/04/2017 14:22, Jim Reid wrote:

Hi Jim,

>> Anycast works well enough for HTTP, so this isn't a very convincing
>> argument against using it for AXFR. E.g.
>> https://www.nanog.org/meetings/nanog37/presentations/matt.levine.pdf
> 
> You’re comparing apples and oranges. The characteristics of a TCP
> session for AXFR and HTTP are not the same. The slides you reference say
> anycast works OK for web sessions: fine. But there’s no equivalent
> analysis for DNS AXFRs. At least not yet AFAIK.

An analysis of actual AXFR failures caused by routing topology changes
would be great, and someone ought to do this. If I have some time, I may
even do this with K-root.

However, I would say that if HTTP works well-enough with anycast, then
AXFR should be completely fine. HTTP sessions can, and often are,
long-lived. Routing changes will hurt them. In comparison, AXFR sessions
are short and not persistent. A client makes a TCP connection, requests
the AXFR, gets the response within a few seconds at most, and closes the
connection. My conjecture is that the failure rate of AXFR, due to
routing topology changes, is so low as to be negligible.

Regards,
Anand



More information about the dns-operations mailing list