bearing in mind there have been issues with org but not . i have thought in the past there probably should be more than two ns records in ns ..
all i can say is:
i believe that icann/afilias/ultradns would be very receptive to input from the ietf-dnsop wg on this topic. but it's not cut and dried ...
...by which i mean, even if it's the same people as would comment here on nanog, icann/afilias/ultradns would probably pay a lot more attention if the ietf's dnsop working group made such recommendations than if nanog made them.
it's also not clear if there are two sets of nameservers in service or one set serving both addresses?
i think it's an even/odd thing. so, tld1.ultradns.net and tld2.ultradns.net each refer to a specific subset of .ORG nameservers.
i'm straying from the anycast theory a bit, but thought i'd mention my 2c on past issues with org (although i don't believe they were caused by anycast itself)
anycast can be a source of dns incoherency. sometimes this is deliberate as in the case of akamai; sometimes it's an accident like one server being lame or broken; sometimes it's a protocol limitation like not all servers have AXFR'd a new zone-content yet.
i've been thinking that to correctly diagnose unintentional dns incoherency would require that one of the many distributed networks of "probe boxes" run a looking-glass-like cgi page that let you launch a dns query from 100 or 1000 different places simultaneously, and compare the results. perhaps dfk and ripe's dnsmon are listening today.
i've also been thinking that AXFR's known incoherency could be reduced by using some kind of in-band embargo that would bring a new zone version online synchronously on servers supporting this feature and configured to enable it for a particular zone.
those kinds of thoughts are appropriate for nanog. whether .org should use anycast, or how many NS RRs it should have, are not.
participants (1)
- Paul Vixie
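
The comparison step of the "probe boxes" idea in the message above, as an added Python example that is not part of the original post. It sorts per-vantage-point answers into lame, stale (zone transfer lag) and divergent (same serial, different data); the probe names, serial numbers and record layout are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample (not real measurements): one record per probe box, holding
# what it saw when it asked the anycast address for the zone's SOA and NS set.
PROBES = [
    {"probe": "ams", "rcode": "NOERROR", "aa": True, "serial": 2004041502,
     "ns": ["tld1.ultradns.net.", "tld2.ultradns.net."]},
    {"probe": "fra", "rcode": "NOERROR", "aa": True, "serial": 2004041502,
     "ns": ["TLD2.ultradns.net.", "tld1.ultradns.net."]},
    {"probe": "sjc", "rcode": "NOERROR", "aa": True, "serial": 2004041501,
     "ns": ["tld1.ultradns.net.", "tld2.ultradns.net."]},
    {"probe": "nrt", "rcode": "SERVFAIL", "aa": False, "serial": None, "ns": []},
    {"probe": "lhr", "rcode": "NOERROR", "aa": False, "serial": 2004041502,
     "ns": ["tld1.ultradns.net.", "tld2.ultradns.net."]},
]

def serial_gt(a, b):
    """RFC 1982 comparison of 32-bit SOA serials (handles wrap-around)."""
    return a != b and ((a - b) % 2**32) < 2**31

def classify(probes):
    """Return ({probe: verdict}, coherent) for one query seen from many places."""
    good = [p for p in probes if p["rcode"] == "NOERROR" and p["aa"]]
    # Error rcode or non-authoritative answer: that instance is lame or broken.
    verdicts = {p["probe"]: "lame" for p in probes if p not in good}
    if not good:
        return verdicts, False
    newest = good[0]["serial"]
    for p in good:
        if serial_gt(p["serial"], newest):
            newest = p["serial"]
    # Collect the distinct RRsets served under each serial (case-insensitive).
    content = defaultdict(set)
    for p in good:
        content[p["serial"]].add(frozenset(n.lower() for n in p["ns"]))
    for p in good:
        if len(content[p["serial"]]) > 1:
            verdicts[p["probe"]] = "divergent"  # same serial, different data
        elif p["serial"] != newest:
            verdicts[p["probe"]] = "stale"      # has not transferred the new zone yet
        else:
            verdicts[p["probe"]] = "ok"
    return verdicts, all(v == "ok" for v in verdicts.values())

if __name__ == "__main__":
    verdicts, coherent = classify(PROBES)
    print("coherent" if coherent else "incoherent", verdicts)
```

A "divergent" verdict does not say which instance is wrong, only that two instances claim the same zone version while serving different data, which is either deliberate or a fault to investigate.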