"how's this different from what Joel said?" My reading of the following (based on normal English convention)
> > 104.16.218.84 > > 104.16.219.84 > That’s what they are for you. Cloudflare routes you to the closest pop to your network. Your mileage may vary is that "they" refers to the IP addresses, NOT the DNS names (which hadn't even been mentioned in my email at this point). Thus, what I inferred from Joel's statement is that "database.clamav.net" might resolve to different IPs for other users (which would be weird, given the use of Anycast). So I tested it the best I could (without traveling a lot, or setting up VMs in different countries). On Tue, 21 Sep 2021 13:21:20 +0200 Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > >On Mon, 20 Sep 2021 17:17:34 +0000 > >"Joel Esler (jesler)" <jes...@cisco.com> wrote: > > > >> > On Sep 20, 2021, at 13:08, Paul Kosinski via clamav-users > >> > <clamav-users@lists.clamav.net> wrote: > >> > > >> > These two IPs are Anycast addresses, and have been unchanged for well > >> > over 2 years. (Anycast addresses don't have to change even if the > >> > physical servers change, that's their point!) They are: > >> > > >> > 104.16.218.84 > >> > 104.16.219.84 > >> That’s what they are for you. Cloudflare routes you to the closest pop to > >> your network. Your mileage may vary > > On 20.09.21 20:16, Paul Kosinski via clamav-users wrote: > >I thought the IP addresses, being Anycast, were what are routed to the > >closest POP. > > how's this different from what Joel said? > > > No matter, when I resolve "database.clamav.net" via various DNS servers, > > using TCP to bypass the default local DNS server (as our firewall blocks > > outbound UDP port 53 otherwise), I always get these same two IP addresses > > as results (see below) > > yes, becaue those two IP are anycast... they are router to the nearest POP. > > > Given that the servers at 1.1.1.1, 8.8.8.8 and 9.9.9.9 are "public", and > > likely Anycast, while 71.243.0.12 is local Verizon/FIOS, I suppose that > > the Authoritative server and the public (Anycast) servers could > > conceivably be distributing different IP addresses depending on who is > > querying. (BIND/named has become incredibly complicated these days.) But > > since the two IP addresses are themselves Anycast, what would be the > > point? > > the point is, not to provide different IPs via anycast DNS but to provide > anycast IPs via any DNS. > > > In any case, does anyone, anywhere, get IP addresses other than > > > > 104.16.218.84 > > 104.16.219.84 > > > > when resolving "database.clamav.net"? > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
