nanog mailing list archives
anycast DNS (Re: Internet vulnerabilities)
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Fri, 5 Jul 2002 14:12:49 +0000 (GMT)
ME> Date: Fri, 05 Jul 2002 09:05:44 -0400 ME> From: Marshall Eubanks ME> - it's static - no failover. If AS 701 and AS 1239 are both ME> announcing a route to foo, and your preferred route is ME> "through" AS701, and the AS701 foo goes down, then you do not ME> automatically switch over to the AS1239 foo, even if you ME> could reach it. ??? ME> - there is no way to have multiple anycast addresses within ME> an AS ??? ME> - load balancing is tough Just as tough as load-balancing over different upstreams in a multihomed network. That's all anycast really is: multihoming with the added twist of using multiple, separate systems instead of one. Each system has a unique, non-anycast IP address bound as the primary IP, allowing communication between the disjoint parts. Secondary IP(s) live(s) in the anycast range, and is/are routed appropriately. You can bind the appropriate 192.175.48/24 addresses to your NSen and run an authoritative copy of the root TLD. IIRC, Paul even mentioned doing this a few weeks ago... I believe the thread was on dynamic DNS updates and Win2000's broken implementation. Think of anycast as DDoS in reverse: Instead of distributed traffic sources, one has distributed traffic sinks. Hence the attractiveness in surviving DDos attacks. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist () brics com> To: blacklist () brics com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist () brics com>, or you are likely to be blocked.
Current thread:
- Re: Internet vulnerabilities, (continued)
- Re: Internet vulnerabilities Paul Vixie (Jul 04)
- Re: Internet vulnerabilities E.B. Dreger (Jul 04)
- Re: Internet vulnerabilities Bill Woodcock (Jul 04)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- Re: Internet vulnerabilities Bill Woodcock (Jul 05)
- RE: Internet vulnerabilities Barry Raveendran Greene (Jul 05)
- RE: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- Re: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
- Re: Internet vulnerabilities Lars Erik Gullerud (Jul 05)
- anycast DNS (Re: Internet vulnerabilities) E.B. Dreger (Jul 05)
- Re: Internet vulnerabilities Rodney Joffe (Jul 05)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- anycast (Re: Internet vulnerabilities) E.B. Dreger (Jul 05)
- Re: Internet vulnerabilities Bill Woodcock (Jul 05)
- Re: Internet vulnerabilities Rodney Joffe (Jul 05)
- Re: Internet vulnerabilities Stephen Griffin (Jul 07)
- WorldComm Fiber Cut???? Gerardo A. Gregory (Jul 07)
- Re: WorldComm Fiber Cut???? Sean Donelan (Jul 07)
- Re: WorldComm Fiber Cut???? neil d. quiogue (Jul 07)
- Re: WorldComm Fiber Cut???? Pawlukiewicz Jane (Jul 08)