nanog mailing list archives

Re: Internet vulnerabilities

From: "Stephen J. Wilcox" <steve () opaltelecom co uk>
Date: Fri, 5 Jul 2002 14:16:35 +0100 (BST)


Hi Marshall

If a route isnt withdrawn when the end network/device fails then no system will
fix that.

Presumably anycast wouldnt enable load balancing anyway as BGP only installs a
single route?

Or are you thinking both of these would be solved with a BGP enhancement?


Dont understand the multiple anycast comment, do you mean as it stands now? If
so it works fine if you inject the same route into an IGP providing you ensure
theres no IGP load balancing if you intend on doing TCP (altho most applications
for this appear to be UDP single request-responses)

Steve

On Fri, 5 Jul 2002, Marshall Eubanks wrote:

On Fri, 5 Jul 2002 13:36:49 +0100 (BST)
 "Stephen J. Wilcox" <steve () opaltelecom co uk> wrote:


Doesnt announcing the same routing prefix into BGP from multiple locations do
the same thing without needing a new range or enhancement in IGMP etc ?

We do this in IGP currently..

Steve


As I see it, the problems with doing this in BGP are

- it's static - no failover. If AS 701 and AS 1239 are both
announcing a route to foo, and your preferred route is "through" AS701,
and the AS701 foo goes down, then you do not
automatically switch over to the AS1239 foo, even if you could reach it.

- there is no way to have multiple anycast addresses within an AS

- load balancing is tough

These may all be solved, though... it's hard to tell without a protocol
description.

Regards
Marshall Eubanks





On Fri, 5 Jul 2002, Barry Raveendran Greene wrote:



FYI - for those scratching their heads on "anycast" .....

I just pushed out a paper on anycast by Chris Metz. Good foundation
material.

http://www.cisco.com/public/cons/isp/essentials/ip-anycast-cmetz-03.pdf

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Bill Woodcock
Sent: Friday, July 05, 2002 4:56 AM
To: Marshall Eubanks
Cc: nanog () merit edu
Subject: Re: Internet vulnerabilities



    > But the only IPv4 anycast
    > that I know of does use MSDP :
    >
http://www.ietf.org/internet-drafts/draft-ietf-mboned-anycast-rp-08.txt
    > Is there a different proposal ? What's the RFC / I-D name ?

You seem to be confusing anycast with something complicated.  It's not a
protocol, it's a method of assigning and routing addresses.

                                -Bill

Current thread:

Re: Internet vulnerabilities, (continued)
- - Re: Internet vulnerabilities Paul Vixie (Jul 04)
    - Re: Internet vulnerabilities Marshall Eubanks (Jul 04)
    - Re: Internet vulnerabilities Paul Vixie (Jul 04)
    - Re: Internet vulnerabilities E.B. Dreger (Jul 04)
    - Re: Internet vulnerabilities Bill Woodcock (Jul 04)
    - Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
    - Re: Internet vulnerabilities Bill Woodcock (Jul 05)
    - RE: Internet vulnerabilities Barry Raveendran Greene (Jul 05)
    - RE: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
    - Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
    - Re: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
    - Re: Internet vulnerabilities Lars Erik Gullerud (Jul 05)
    - anycast DNS (Re: Internet vulnerabilities) E.B. Dreger (Jul 05)
    - Re: Internet vulnerabilities Rodney Joffe (Jul 05)
    - Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
    - anycast (Re: Internet vulnerabilities) E.B. Dreger (Jul 05)
    - Re: Internet vulnerabilities Bill Woodcock (Jul 05)
    - Re: Internet vulnerabilities Rodney Joffe (Jul 05)
    - Re: Internet vulnerabilities Stephen Griffin (Jul 07)
    - WorldComm Fiber Cut???? Gerardo A. Gregory (Jul 07)
    - Re: WorldComm Fiber Cut???? Sean Donelan (Jul 07)

(Thread continues...)