To:
David Conrad <david.conrad@nominum.com>
Cc:
Randy Bush <randy@psg.com>, Rob Austein <sra+dnsop@hactrn.net>, dnsop@cafax.se
From:
Brad Knowles <brad.knowles@skynet.be>
Date:
Mon, 28 Apr 2003 23:12:26 +0200
In-Reply-To:
<518783F5-7943-11D7-A953-000393DB42B2@nominum.com>
Sender:
owner-dnsop@cafax.se
Subject:
Re: draft-ietf-dnsop-serverid-01.txt
At 11:33 PM -0700 2003/04/27, David Conrad wrote: > If the server at a particular IP address returns <bar> to query <baz>, > you issue a CH class ID.SERVER query to that IP address from the same > client that received the suspicious result (making the assumption that > the routing system has not changed the server that will receive that > query). Regretfully, in a load-balanced world this won't work. An incoming query to a single IP address could be redirected to any of the back-end servers. > If you do not have access to the client or there is a potential for > the routing system to have changed which server will receive the CH > class ID.SERVER query, you can either ask the NOC for the non-anycast > IP addresses associated with the server and try each in turn or let > the folks at the NOC do their job and figure it out themselves. The server may not have a publicly accessible non-anycast or non-load-balanced address. > Does this address your concern or do I still not get it? I think we may have to just concede that there are going to be issues in an anycast or load-balanced environment, and maybe give some serious thought as to how we might work towards solving this problem in an EDNS environment. -- Brad Knowles, <brad.knowles@skynet.be> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++) #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.