nanog mailing list archives

Re: DNS anycasting - multiple DNS servers on same subnet Vs registrar/registry policies


From: Anurag Bhatia <me () anuragbhatia com>
Date: Tue, 29 May 2012 01:17:34 +0530

On Tue, May 29, 2012 at 1:07 AM, Patrick W. Gilmore <patrick () ianai net> wrote:

On May 28, 2012, at 15:24 , Anurag Bhatia wrote:
On Tue, May 29, 2012 at 12:50 AM, Tony Finch <dot () dotat at> wrote:
Anurag Bhatia <me () anuragbhatia com> wrote:

One small concern I wanted to discuss here. I know a few
registry/registrars which do not accept both (or all) name servers of a
domain name on the same subnet. They demand that at least 1 DNS server be
on a different subnet for failover reasons (old thoughts).

How can one deal with such a case in an anycasting setup which uses
one single subnet everywhere?

You still want name servers on more than one subnet in case the anycast
setup breaks.

I am building redundancy within that setup. I mean it will be software-based
BGP, so if hardware is fried, it will break the BGP session and pull
off routes anyway, and for cases like DNS server (software) failure, I
will monitor it via a simple bash script which can turn the BGP daemon down.
So once it is off, routing tables should take it to a different node.

Famous last words: "I am building redundancy...."  As if "redundancy"
stops someone else announcing your prefix and sucking in half the packets
on the 'Net meant for you.  (Just one of many failure modes against which
you cannot possibly defend.)

Well, you could make me realize those painful points in a more humble way.
Anyway, I really appreciate the points you made and yes, I must find some way
out to them.  Maybe I was wrong in posting the question here before doing my
homework. I am sorry everyone.


Thanks.


That said, IMHO, if you want to shoot yourself in the foot, you should be
allowed to do so.  Your foot, your decision.  I'm sure there are registrars
out there that do not babysit you.  Find one that doesn't tell you how to
run your own infrastructure.

And enjoy the extra spice that gives your life. :)

--
TTFN,
patrick





-- 

Anurag Bhatia
anuragbhatia.com
or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
network!

Linkedin <http://in.linkedin.com/in/anuragbhatia21> |
Twitter<https://twitter.com/anurag_bhatia>|
Google+ <https://plus.google.com/118280168625121532854>
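
The health check described in the message above (a bash script that turns the BGP daemon down when the local DNS server stops answering), sketched as an added example that is not part of the original thread. The probe query, the `bird` service name and the thresholds are assumptions; substitute the commands for your own resolver and BGP daemon.

```shell
#!/usr/bin/env bash
# Added example: withdraw this node's anycast prefix when local DNS fails.
# Assumptions (not from the thread): probe query, daemon name, thresholds.
PROBE_CMD=${PROBE_CMD:-"dig +time=1 +tries=1 +short @127.0.0.1 example.com SOA"}
STOP_CMD=${STOP_CMD:-"systemctl stop bird"}     # assumed BGP daemon unit
START_CMD=${START_CMD:-"systemctl start bird"}
FAIL_LIMIT=${FAIL_LIMIT:-3}   # consecutive failures before withdrawing
OK_LIMIT=${OK_LIMIT:-5}       # consecutive successes before re-announcing

state=up; fails=0; oks=0; ACTION=hold

# Healthy only if the probe exits 0 AND prints an answer: dig exits 0 on
# SERVFAIL or REFUSED too, so an empty answer must count as a failure.
probe() {
    out=$($PROBE_CMD 2>/dev/null) || return 1
    [ -n "$out" ]
}

# step RESULT: feed one probe result (0 = ok, anything else = failed) into the
# state machine. Sets ACTION to withdraw, announce or hold. Separate limits
# for going down and coming back keep a flapping server from flapping routes.
step() {
    ACTION=hold
    if [ "$1" -eq 0 ]; then
        fails=0; oks=$((oks + 1))
        if [ "$state" = down ] && [ "$oks" -ge "$OK_LIMIT" ]; then
            state=up; ACTION=announce
        fi
    else
        oks=0; fails=$((fails + 1))
        if [ "$state" = up ] && [ "$fails" -ge "$FAIL_LIMIT" ]; then
            state=down; ACTION=withdraw
        fi
    fi
}

run() {
    while :; do
        if probe; then step 0; else step 1; fi
        case $ACTION in
            withdraw) $STOP_CMD ;;    # BGP session drops, routes are pulled
            announce) $START_CMD ;;
        esac
        sleep "${INTERVAL:-5}"
    done
}

if [ "${1:-}" = run ]; then run; fi
```

A check like this only covers failures the node can see locally; it does nothing about another network announcing the same prefix, the failure mode raised in the quoted reply, which is why the thread recommends keeping a name server on a second subnet.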

