Not all any-casted prefixes are DNS resolvers and not all DNS resolvers are anycasted. It sounds like you would be better served by a list of well-known DNS resolvers.
On Thu, Mar 21, 2019 at 12:35 PM Bryan Holloway <br...@shout.net> wrote: > > On 3/21/19 10:59 AM, Frank Habicht wrote: > > Hi James, > > > > On 20/03/2019 21:05, James Shank wrote: > >> I'm not clear on the use cases, though. What are the imagined use > cases? > >> > >> It might make sense to solve 'a method to request hot potato routing' > >> as a separate problem. (Along the lines of Damian's point.) > > > > my personal reason/motivation is this: > > Years ago I noticed that my traffic to the "I" DNS root server was > > traversing 4 continents. That's from Tanzania, East Africa. > > Not having a local instance (back then), we naturally sent the traffic > > to an upstream. That upstream happens to be in that club of those who > > don't have transit providers (which probably doesn't really matter, but > > means a "global" network). > > /snip > > > Greetings, > > Frank > > > > I can think of another ... > > We rate-limit DNS from unknown quantities for reasons that should be > obvious. We white-list traffic from known trusted (anycast) ones to > prevent a DDoS attack from throttling legitimate queries. This would be > a useful way to help auto-generate those ACLs. >