To: dnsop@cafax.se
From: hardie@equinix.com
Date: Fri, 7 May 1999 10:04:30 -0700 (PDT)
In-Reply-To: <4.1.19990507060837.00dbbc00@mako1.telstra.net> from Geoff Huston at "May 7, 99 06:10:39 am"
Reply-To: dnsop@cafax.se
Sender: owner-dnsop@cafax.se
Subject: Re: Experiments in multi-placed root servers

> I recall the same comment at the time in the IEPG - that relying on the
> stability of the routing system for the coherent operation of the DNS Root
> Servers was very ill-advised.
>
>
>
> Geoff

I think that what we have in mind is simple enough that these issues can be worked out, and there are a number of benefits (especially during backhoe season) that compensate for the extra trouble. If you'll forgive the incoherence which hits me when I talk without a whiteboard, I'll try to go through it. I'll also be at NANOG, and I'd be happy to grab a white board and go through it there with anyone who is interested.

In order to offer services at our IXs, Equinix will be getting an AS and speaking BGP. We are setting up a small "services" network at each IX and a leased-line corporate WAN to synchronize those services. I'm not very good at ASCII art, but I'll try to give a picture of it below. Some things, like the potential for private cross-connects into the service network router, are not pictured.

In general, though, the idea is that all the odd numbered routers announce the route to the service network. All the dns servers on every service network use a single globally-known IP address; each also has a second interface and a second address, which are used only to monitor and synchronize the servers. Router2 provides access from the corporate WAN to that second address; it filters out any reference to the globally-known IP address. Router1 similarly filters out references to the second address.

The basic idea would be to use the 2nd addresses during the downloads and synch the zone file cutovers using the stratum 1 NTP source sitting next to the dns server.

        __________________
Peer 1-|                  |
Peer 2-|                  |-Route Servers
Peer 3-|      Switch      |
Transit|                  |  _________                       _________
etc    |                  |--|Router1|---|----|-----|--------|Router2|---WAN-|
       |                  |  ---------   |    |     |        ---------       |
       |                  |              |    |     |                        |
       |                  |              |    |     |                        |
        ------------------            [NTP] [DNS] [etc]                      |
                                                                             |
                                                                             |
                                                                             |
                                                                             |
        __________________                                                   |
Peer 1-|                  |                                                  |
Peer 2-|                  |-Route Servers                                    |
Peer 3-|      Switch      |                                                  |
Transit|                  |  _________                       _________       |
etc    |                  |--|Router3|---|----|-----|--------|Router4|---WAN-|
       |                  |  ---------   |    |     |        ---------       |
       |                  |              |    |     |                        |
       |                  |              |    |     |                        |
        ------------------            [NTP] [DNS] [etc]                      |
                                                                             |
                                                                             |
                                                                             |
                                                                             |
        __________________                                                   |
Peer 1-|                  |                                                  |
Peer 2-|                  |-Route Servers                                    |
Peer 3-|      Switch      |                                                  |
Transit|                  |  _________                       _________       |
etc    |                  |--|Router5|---|----|-----|--------|Router6|---WAN-|
       |                  |  ---------   |    |     |        ---------       |
       |                  |              |    |     |                        |
       |                  |              |    |     |                        |
        ------------------            [NTP] [DNS] [etc]                      |
                                                                             |
                                                                             |
                                                                             |
                                                                             |
        __________________                                                   |
Peer 1-|                  |                                                  |
Peer 2-|                  |-Route Servers                                    |
Peer 3-|      Switch      |                                                  |
Transit|                  |  _________                       _________       |
etc    |                  |--|Router7|---|----|-----|--------|Router8|---WAN-|
       |                  |  ---------   |    |     |        ---------
       |                  |              |    |     |
       |                  |              |    |     |
        ------------------            [NTP] [DNS] [etc]
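
The announcement and filter split described in the message can be checked mechanically. The following is an added example, not part of the original post and not Equinix configuration: a small audit that flags any IX-facing router passing a second (management) address and any WAN-facing router passing the globally-known address. The prefixes, the role names "ix" and "wan", and the sample router tables are constructed assumptions.

```python
from ipaddress import ip_network

# Assumed, constructed addressing (documentation prefixes, not from the post).
SERVICE = ip_network("192.0.2.1/32")    # the single globally-known DNS address
MGMT = ip_network("198.51.100.0/24")    # block holding every server's second address

def audit(routers):
    """routers maps name -> (role, [prefixes the router passes]).
    role "ix"  = odd-numbered router facing the exchange,
    role "wan" = even-numbered router facing the corporate WAN.
    Returns sorted (router, problem) tuples; an empty list means the split holds."""
    findings = []
    for name, (role, prefixes) in routers.items():
        nets = [ip_network(p) for p in prefixes]
        # overlaps() also catches covering prefixes such as the service /24.
        carries_service = any(n.overlaps(SERVICE) for n in nets)
        carries_mgmt = any(n.overlaps(MGMT) for n in nets)
        if role == "ix":
            if not carries_service:
                findings.append((name, "service address not announced"))
            if carries_mgmt:
                findings.append((name, "second address leaks to the IX"))
        elif role == "wan":
            if carries_service:
                findings.append((name, "globally-known address leaks onto the WAN"))
            if not carries_mgmt:
                findings.append((name, "second address unreachable from the WAN"))
        else:
            findings.append((name, "unknown role"))
    return sorted(findings)

# Constructed sample: three sites, two of them deliberately misconfigured.
SAMPLE = {
    "Router1": ("ix", ["192.0.2.0/24"]),
    "Router2": ("wan", ["198.51.100.16/28"]),
    "Router3": ("ix", ["192.0.2.0/24"]),
    "Router4": ("wan", ["198.51.100.32/28", "192.0.2.1/32"]),   # filter missing
    "Router5": ("ix", ["192.0.2.0/24", "198.51.100.48/28"]),    # filter missing
    "Router6": ("wan", ["198.51.100.48/28"]),
}

if __name__ == "__main__":
    for router, problem in audit(SAMPLE):
        print(f"{router}: {problem}")
```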