Re: DNS query over anycast

Sun, 03 Jun 2001 00:02:39 -0700 


>       there was a question regarding to DNS response against this kind of
>       query:
>               (src=x dst=anycast)
>       needs to have anycast source address or not.

        I would be setting the anycast address as the source address of the
        reply.

> 
>       from RFC2181, it is legal to use non-anycast address for response.

        This part was written for broadcast and multicast addresses.

> 
>       and for the resolver side (implementation issue):
>       - BIND8 resolver checks source address match by default, but can easily
>         turned off by RES_INSECURE2 flag bit on res.options.
>       - MS windows DNS resolver does not (correct me if I'm wrong about this)
> .
> 
> itojun
> 
> 
> ---
> 4.1. UDP Source Address Selection
> 
>    To avoid these problems, servers when responding to queries using UDP
>    must cause the reply to be sent with the source address field in the
>    IP header set to the address that was in the destination address
>    field of the IP header of the packet containing the query causing the
>    response.  If this would cause the response to be sent from an IP   <-
>    address that is not permitted for this purpose, then the response may <-
>    be sent from any legal IP address allocated to the server.  That    <-
>    address should be chosen to maximise the possibility that the client
>    will be able to use it for further queries.  Servers configured in
>    such a way that not all their addresses are equally reachable from
>    all potential clients need take particular care when responding to
>    queries sent to anycast, multicast, or similar, addresses.
> 
> --------------------------------------------------------------------
> IETF IPng Working Group Mailing List
> IPng Home Page:                      http://playground.sun.com/ipng
> FTP archive:                      ftp://playground.sun.com/pub/ipng
> Direct all administrative requests to [EMAIL PROTECTED]
> --------------------------------------------------------------------
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------

Reply via email to