On 16-dec-04, at 12:52, Daniel Karrenberg wrote:
That's definitely true, though it can be used successfully -- if there's a very reliable kill-switch to withdraw the advertisement in a moment, or some kind of fallback mechanism in place to handle gross failures.
Using this as the *only* remedy for unavailability of an anycast instance is insufficient given the speed at which bad news travels in BGP. You want to have the service available at multiple addresses with each of those engineered as differently as possible.
And that's exactly why UltraDNS' treatment of .org is evil. I really don't understand why people with .org domains aren't complaining louder about this. There are also other risks associated with anycast. See discussions on the IETF list earlier this year: about anycast + per packet load balancing ("[dnsop] Re: Root Anycast (fwd)", early october) and about root anycast ("13 Root Server Limitation", may).