nanog mailing list archives

Re: DNS pulling BGP routes?


From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Sat, 9 Oct 2021 17:37:09 +0900

Christopher Morrow wrote:

>> means their DNS servers were serving the zone, even after they
>> recognize their zone data were too old, that is, expired.
>
> that's not what this means. I think Mr. Petach previously described
> this,

He wrote:

So, the idea is that if the edge CDN node loses connectivity to
the core datacenters, the DNS servers should stop answering
queries for A records with the local CDN node's address, and
let a different site respond back to the client's DNS request.

which may be performed by standard DNS with a short expire period,
after which name servers will return SERVFAIL and other name
servers in other edge nodes with different IP addresses are tried.

It may be that facebook uses all four name server IP addresses
in each edge node. But it effectively kills the essential redundancy
of DNS of having two or more name servers (at separate locations),
and the natural consequence is, as you can see, mass disaster.

> but: 1) dns server in pop serves some content (ttls aren't
> important right now)

You MUST distinguish TTL and EXPIRE. They are different.

> there's not a lot of magic here... and it's not about the zone data
> really at all.

Statement of Petach: "the edge CDN node loses connectivity to
the core datacenters, the DNS servers should stop answering"
means, with DNS terminology, zone data is expired, which has
nothing to do with TTL.

                                                Masataka Ohta
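As an added illustration of the TTL-versus-EXPIRE distinction argued in this thread (example code written for this page, not from any poster and not Facebook's DNS): a toy model in which a resolver caches answers by record TTL, while each edge secondary stops answering with SERVFAIL once its last successful refresh is older than the zone's SOA EXPIRE. Server names, addresses and timer values are constructed.

```python
class Secondary:
    """An edge-node name server holding a secondary copy of a zone."""
    def __init__(self, name, soa_expire, records):
        self.name = name
        self.soa_expire = soa_expire
        self.records = records          # qname -> (rdata, ttl)
        self.last_refresh = None        # sim. time of last successful refresh

    def refresh(self, now, primary_reachable):
        if primary_reachable:
            self.last_refresh = now     # zone copy confirmed current

    def query(self, qname, now):
        # A copy older than SOA EXPIRE must not be served (RFC 1035): SERVFAIL
        if self.last_refresh is None or now - self.last_refresh > self.soa_expire:
            return ("SERVFAIL", None, 0)
        rdata, ttl = self.records[qname]
        return ("NOERROR", rdata, ttl)

class Resolver:
    """Recursive resolver: caches answers by TTL, tries the next NS on SERVFAIL."""
    def __init__(self, servers):
        self.servers = servers
        self.cache = {}                 # qname -> (rdata, expires_at)

    def lookup(self, qname, now):
        hit = self.cache.get(qname)
        if hit and now < hit[1]:
            return ("CACHE", hit[0])
        for srv in self.servers:
            rcode, rdata, ttl = srv.query(qname, now)
            if rcode == "NOERROR":
                self.cache[qname] = (rdata, now + ttl)
                return (srv.name, rdata)
        return ("SERVFAIL", None)

def simulate(ttl=60, expire=300):
    """Constructed timeline; returns (time, answering server, address) per lookup."""
    zone = lambda addr: {"www.example.": (addr, ttl)}
    edge = Secondary("edge", expire, zone("192.0.2.10"))
    other = Secondary("other", expire, zone("198.51.100.20"))
    r = Resolver([edge, other])
    edge.refresh(0, True); other.refresh(0, True)
    out = [(10,) + r.lookup("www.example.", 10)]        # fresh answer from edge
    edge.refresh(100, False); other.refresh(100, True)   # edge loses its path to the core
    out.append((100,) + r.lookup("www.example.", 100))  # TTL lapsed, but edge not yet EXPIREd
    other.refresh(350, True)
    out.append((400,) + r.lookup("www.example.", 400))  # edge EXPIREd: SERVFAIL, other answers
    return out
```

The second lookup shows the point made above: a lapsed TTL alone does not move clients off a node whose zone copy is still within EXPIRE, only expiry of the zone does.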

