On Mon, Jul 11, 2022 at 12:46 PM, heasley <[email protected]> wrote:
> Sat, Jul 09, 2022 at 09:32:51PM +0200, Robert Raszuk:
> > And here comes I think need for authors to clarify something. They said
> > that such marking is going to be used along with NO-EXPORT.
>
> no, you might have misread that; with no-export is possible but not
> necessary.
>
> Eg: several (perhaps all now?) of the root servers lie within anycast
> prefixes.
>

All. These should not be marked no-export, but *could* be marked ANYCAST.

Many of the root server operators have the concept of "local" and
"global" nodes. If the root server's address is e.g. 10.0.0.17 [0], global
nodes will announce 10.0.0.0/23 and local nodes announce 10.0.0.0/24, but
tagged with NO-EXPORT. This will[1] make it that networks that the node
peers with directly will use this local node, without having the great
unwashed hitting that node - this allows scaling the nodes appropriately.
If the node falls over, traffic will simply follow the shorter /23.

This is much better explained in ISC's "Hierarchical Anycast for Global
Service Distribution" - https://www.isc.org/pubs/tn/isc-tn-2003-1.html ,
https://www.caida.org/catalog/papers/2007_dns_anycast/dns_anycast.pdf , etc..

Many nodes might be both global and local - they announce the /23 and /24,
so that networks peering with the node prefer this particular instance over
some other instance.

Every now and then some network will ignore or strip NO-EXPORT and announce
the "local" prefix - this suddenly makes that node the "best"
(longest-match), and hilarity ensues..

BGP does have many knobs that can be twiddled, but unfortunately some of
the inbound ones are still fairly heavy hammers...

W

[0]: Grrrr. The IPv4 Documentation prefixes are all /24s, and I needed
something larger, so just pretend, 'k?
[1]: Ok, should...
_______________________________________________
GROW mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/grow
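The failure mode described in the message above, as an added example that is not part of the original post: a small Python model of the /23 and /24 announcements that shows a leaked "local" /24 winning by longest match, plus a check that flags the leak in a received table. The AS numbers (documentation range), the three-AS topology and all function names are constructed for illustration.

```python
import ipaddress

NO_EXPORT = "NO_EXPORT"  # well-known community 65535:65281 (RFC 1997)
LOCAL = ipaddress.ip_network("10.0.0.0/24")   # "local" node prefix from the post
GLOBAL = ipaddress.ip_network("10.0.0.0/23")  # "global" covering prefix from the post
ORIGIN = 64500  # constructed: AS operating the anycast service

def route(prefix, as_path, communities=()):
    return {"prefix": prefix, "as_path": list(as_path), "communities": set(communities)}

def readvertise(rib, local_as, honor_no_export=True):
    """Routes an AS sends to eBGP neighbours (communities dropped in this model)."""
    out = []
    for r in rib:
        if NO_EXPORT in r["communities"] and honor_no_export:
            continue  # correct behaviour: the route never leaves this AS
        # A network that ignores or strips NO-EXPORT exports the route anyway.
        out.append(route(r["prefix"], [local_as] + r["as_path"]))
    return out

def best_route(rib, addr):
    """Forwarding choice: longest matching prefix first, then shortest AS path."""
    addr = ipaddress.ip_address(addr)
    matches = [r for r in rib if addr in r["prefix"]]
    return max(matches, key=lambda r: (r["prefix"].prefixlen, -len(r["as_path"])), default=None)

def leaked_local_routes(rib, origin_as=ORIGIN):
    """Flag the local prefix when it is seen more than one AS hop from its origin."""
    return [r for r in rib if r["prefix"] == LOCAL
            and r["as_path"][-1] == origin_as and len(r["as_path"]) > 1]

def view_from_downstream(peer_honors_no_export):
    # Constructed topology: AS 64501 peers with a node that is both local and
    # global; AS 64502 hears AS 64501's exports and also peers directly with
    # a different, global-only node.
    peer_rib = [route(LOCAL, [ORIGIN], [NO_EXPORT]), route(GLOBAL, [ORIGIN])]
    rib = readvertise(peer_rib, 64501, peer_honors_no_export)
    rib.append(route(GLOBAL, [ORIGIN]))
    return rib

if __name__ == "__main__":
    for honors in (True, False):
        rib = view_from_downstream(honors)
        best = best_route(rib, "10.0.0.17")
        print(f"peer honors NO-EXPORT={honors}: {best['prefix']} via {best['as_path']},"
              f" leaks flagged={len(leaked_local_routes(rib))}")
```

In the leak case the /24 is chosen even though its AS path is longer than the directly learned /23, which is why the check keys on prefix and path length rather than on path preference.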
