To: Bruce Campbell <bruce.campbell@ripe.net>
Cc: Brad Knowles <brad.knowles@skynet.be>, dnsop@cafax.se
From: Brad Knowles <brad.knowles@skynet.be>
Date: Mon, 4 Nov 2002 18:40:08 -0600
In-Reply-To: <Pine.LNX.4.44.0211040954130.4233-100000@x22.ripe.net>
Sender: owner-dnsop@cafax.se
Subject: Re: DoS and anycast

At 10:24 AM +0100 2002/11/04, Bruce Campbell wrote:

> *sigh*. 'Anycast' just means that a given route is advertised by multiple
> points (could be the same entity, could be different entities). Your
> normal BGP path-selection algorithms choose the 'nearest' server based on
> the shortest path that your router sees.

Right, but if the route changes in the middle of the session, you'll get a TCP connection reset by the different server, and you'll have to start that conversation all over again.

UDP survives anycast since it's a single packet. TCP won't do so reliably, and therefore it is not practical to try to use TCP anycast.

--
Brad Knowles, <brad.knowles@skynet.be>

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.