On Thu, 18 Sep 2003, Leo Bicknell wrote: : > Anycast is *NOT* a "redundancy and reliability" system when dealing with : > application-based services like DNS. Rather, anycast is a geographically : : I think you'll find most people on the list would disagree with you : on this point. Many ISP's run anycast for customer facing DNS : servers, and I'll bet if you ask the first reason why isn't because : they provide faster service, or distribute load, but because the : average customer only wants one or two IP's to put in his DNS config, : and gets real annoyed when they don't work. And guess what: neither of the two addresses supplied by UltraDNS worked last night for some sites, because their anycast configuration is not allowing DNS redundancy. It is depending on every site somehow choosing different routes for both addresses, which is not guaranteed. Anycasting only works as a redundancy scheme when you have a mesh of *partially* overlapping BGP advertisements, so that a client has a guarantee that at least one address in the mix is located elsewhere from the rest. : So it is a redundancy and reliability thing, the customer can configure : (potentially) one address, and the ISP can have 10 servers for it so if : one dies all is well. But if all such anycast addresses have the ability to point to the same physical location, there is only an illusion of redundancy, because there's no way to get an alternate access point to the zone if a site is choosing a dead route for all server addresses. It doesn't matter how many other servers at the DNS provider are still working, because some sites can choose -- and have demonstrably chosen -- a single, dead site for all available anycast NS addresses in a setup like this (UltraDNS's .ORG configuration). : Is it appropriate for a gTLD? UltraDNS's setup isn't even appropriate for a 2LD. I'm damned glad that I don't have my subdomains hosted there. -- -- Todd Vierling <tv@duh.org> <tv@pobox.com>