Re: DNS pulling BGP routes?

[Matthew Petach <mpetach () netflight com>]

On Tue, Oct 12, 2021 at 8:41 AM Masataka Ohta <
mohta () necom830 hpcl titech ac jp> wrote:

> Matthew Petach wrote:
>
> > With an anycast setup using the same IP addresses in every
> > location, returning SERVFAIL doesn't have the same effect,
> > however, because failing over from anycast address 1 to
> > anycast address 2 is likely to be routed to the same pop
> > location, where the same result will occur.
>
> That's why that is a bad idea. Alternative name servers with
> different IP addresses should be provided at separate locations.
>
>                                                 Masataka Ohta
Sure.  But that doesn't do anything to help prevent the
type of outage that hit Facebook, which was the point I
was trying to make in my response.  Facebook did use
different IP addresses, and it didn't matter, because the
underlying health of the network is what was at issue,
not the health of the nameservers.

I agree with you--different IP addresses should be
used in different geographic locations, even with
anycast setups.

But people need to also recognize that's not a
panacea that solves everything, and that it wouldn't
have changed the nature of the outage last week.

Thanks!  :)

Matt