Here's a theoretical solution to this problem that I'd like to open for discussion.
In each location where a provider hosts their anycasted service, there is likely a local, non-anycasted IP address for each server.
There should be, yes.
When receiving a DNS request that is not in the local cache, or has expired, make the new request on that local IP address interface, rather than on the anycasted IP address interface.
Yes. You probably have to do this in any case. Think about it. If you have anycasted recursers in IAD, SJC, AMS, and HKG, and you're asking for an answer hosted on a nameserver near IAD, and the query goes from the anycast address to the near-IAD auth nameserver, then the response will probably wind up at IAD, even if it was the HKG server asking. That will not enable the HKG server to answer you. You can probably hack your way around that issue by creative use of VPNs and port assignments, but that's just a really poor-sounding solution. Using the local IP address makes the right thing just magically happen.
I'm curious to find out if others on the list know what other companies are using GSLB, and what actual impact anycasted DNS caching nameservers have on GSLB records. If enough people are using anycasted DNS resolution services, implementing a fix like this would reduce network traffic. By how much, I don't know.
The real problem is that if you're using an anycasted service, there is a good chance that the recurser you're using is much further away from you topologically than if you were just using a "local" recurser.

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
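The return-path problem discussed in this message, as an added example that is not part of the original thread: a small model of four anycasted recursers and one authoritative server near IAD, showing which site receives the reply when the cache-miss query is sourced from the anycast address versus the site's local address. The addresses (documentation ranges), hop costs and query ID are constructed for illustration.

```python
# Constructed topology: one shared anycast address, one local address per site.
ANYCAST = "192.0.2.53"
UNICAST = {"IAD": "198.51.100.1", "SJC": "198.51.100.2",
           "AMS": "198.51.100.3", "HKG": "198.51.100.4"}
# Constructed routing cost from the authoritative server (near IAD) to each site.
COST_FROM_AUTH = {"IAD": 1, "SJC": 6, "AMS": 8, "HKG": 14}


def deliver(dst_ip):
    """Return the site that receives a packet the auth server sends to dst_ip."""
    if dst_ip == ANYCAST:
        # Every site announces the anycast prefix, so routing picks the
        # site closest to the sender, not the site that asked.
        return min(COST_FROM_AUTH, key=COST_FROM_AUTH.get)
    for site, ip in UNICAST.items():
        if ip == dst_ip:
            return site
    raise ValueError(f"no route to {dst_ip}")


def recurse(asking_site, source_ip, qid=0x1A2B):
    """Simulate one cache-miss lookup; return (receiving_site, answered)."""
    pending = {asking_site: {qid}}      # only the asking site holds query state
    receiver = deliver(source_ip)       # the auth server replies to the source
    # A reply is usable only where a matching outstanding query exists;
    # any other site sees an unsolicited response and drops it.
    answered = qid in pending.get(receiver, set())
    return receiver, answered


def compare(asking_site):
    """Run the same lookup with both source-address choices."""
    return {
        "anycast_source": recurse(asking_site, ANYCAST),
        "unicast_source": recurse(asking_site, UNICAST[asking_site]),
    }


if __name__ == "__main__":
    for site in UNICAST:
        print(site, compare(site))
```

In real resolvers the source address for upstream queries is a configuration choice: Unbound sets it with `outgoing-interface`, BIND with `query-source address`.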