JS> Date: Mon, 11 Oct 2004 17:23:19 +0800 (CST) JS> From: Joe Shen JS> 1. As it's descripted in J.Abley's paper, DNS server JS> in anycast group should be configured with a real IP JS> on its NIC and one or two service IP on loopback Service IP addresses also are "real IP" addresses. JS> interface(s). BIND listen on both real IP and service JS> IPs. Any DNS answer packet will be encapsulated with JS> source address as service IP. To my understanding, s/encapsulated with/sourced from/ JS> this is OK for root servers because they do not invoke JS> recursive lookup procedure. But, if the DNS server is JS> a member of ISP's DNS Cache server farm, recursive JS> lookup packets to other DNS server MUST be JS> encapsulated with real IP address. s/encapsulated with real/sourced from unicast/ JS> Is BIND or other DNS software capable of JS> distinguishing between DNS answer back packet and JS> recursive lookup packets? or could this be done JS> automatically by operating system like Solaris, Linux, JS> FreeBSD? Not sure what you're asking, but it's probably OT. If I understand you correctly, RFC 1034 or 1035 would be the place you should start; it sounds like you're asking a protocol question. JS> 2. If we want to design a hierachical DNS service JS> system which distribute across multiple private AS of JS> an ISP, is there any problem to select service IP JS> randomly from unused address pool? Standard routing rules apply. Think of anycast as multihoming with a disjoint backend. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita