Just as Toerless said, the key issue of different organizations using the same anycast address is whether those organizations implement the same localization policy or not. Here, one interesting question that can be raised is: what is the best localization policy for DNS? Should DNS clients visit the anycast server with the least network latency (which can be measured by RTT), or minimal AS hops, or minimal router hops? In other words, the question is about what is the best assessment index for the DNS system.
Guangqing Deng
CNNIC

From: Toerless Eckert
Date: 2014-08-06 20:32
To: Patrick W. Gilmore
CC: [email protected]
Subject: Re: [DNSOP] Anycast and DNS questions

Thanks, Patrick, inline

On Wed, Aug 06, 2014 at 08:10:19AM -0400, Patrick W. Gilmore wrote:
> > a) What documents beside RFC3258 are describing any uses/procedures
> > for having DNS servers use an anycast address to receive and respond to
> > requests ?
>
> Dunno, but something tells me a quick BING search would return millions of
> answers.

I carefully read the first 999,999 hits (;-) and they all were about what i would call commercial DNS/zone services that run their own anycast cluster of DNS servers. I was wondering about variations on the scheme.

But a followup question coming to mind: Is it fair to say that DNS would be the prime reason for anycast addresses injected into the global BGP routing table ? Has anyone tried to stat that ? Eg: counting how many global BGP prefixes are "anycast" due to their properties, such as availability at widely disperse network locations without actual transit indication in the AS path attributes (or the like, i am not a BGP expert, i am just guessing how they could be recognized).

> Common? Ridiculously so, for at least 20 years.
> Well known examples? CDNs, as you already mentioned. E.g. LLNW.

Thanks for the example. Any non-CDN examples for localized information ?

> > c) Any example in which the DNS servers utilizing a single shared
> > IP address (anycast address) are run by different operators ? Any
> > documents describing this ? (RFC3258 seems to focus on single operator
> > anycast group of DNS servers.
>
> How about the root servers?

The way i read RFC3258 it sounded as if every individual root server could use its own anycast address across its own set of disperse DNS servers. But i could see no indication that specific anycast addresses were assigned to be used by root servers run in different organizations.

If that is actually what's done today, that would be good information.

One of the reasons of asking is trying to understand if there is a combination of b) and c) in deployment. Eg: If some organization has some authoritative DNS data, it's easy to say: Here, i also have an IP prefix that i permit anybody to use as the anycast for DNS serving secondaries of that. And be happy about anybody who seconds that zone with that anycast address. That's just performance/reliability/load-sharing.

Once you start leaving out the consistency of the served information AND you allow the same anycast address to be used by different organizations, it becomes a lot harder for any individual organization to assess whether a client is getting the right localized information because it can come from different organizations.

Of course, i think this scheme can work if there are specific agreements about the policies of localization across the participating organizations, but i am not sure if this is being done, and if so, what examples there are.

Thanks
Toerless

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
