To: Randy Bush <randy@psg.com>
Cc: Bruce Campbell <bruce.campbell@ripe.net>, dnsop@cafax.se
From: Patrik Fältström <paf@cisco.com>
Date: Mon, 4 Nov 2002 16:04:56 +0100
In-Reply-To: <E188ian-000Aft-00@rip.psg.com>
Sender: owner-dnsop@cafax.se
Subject: Re: DoS and anycast

On Monday, Nov 4, 2002, at 15:52 Europe/Stockholm, Randy Bush wrote:

> to be specific, i see no reason that the root cache ip address for
> server X should not be anycast internally within multiple isps as
> long as
>   o the isps' anycast servers serve consistent data

Ack

>   o the scope of the anycast routing announcement is bounded

Ack

>   o if X is controlled by some entity, e.g. the iana, that the
>     entity coordinates the mechanism(s) of zone distribution and
>     authentication, and maybe even has means of testing content

I don't know if we say the same thing. Let me try to explain what I think:

If organization X is responsible for IP address Y today, i.e. X:Y is in the whois database, then X is also the organization people will call when wrong data comes from address Y, regardless of what copy of Y the wrong data comes from.

Because of this, for every Y, there must be an X which knows where all copies of Y are, so they can see/detect which one has wrong data -- and fix it.

The organization X should even have a warning system which warns them when one of the copies of Y gives wrong data / is out of sync.

paf
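
The warning system described in the message above could look like the following sketch. It is an added example, not code from the original message or from any root server operator. The instance labels, serials and zone records are constructed, and the alert names and the use of an SOA serial plus a content digest as the consistency signal are assumptions.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

HALF = 1 << 31  # half of the 32-bit SOA serial space

def serial_lt(a: int, b: int) -> bool:
    """RFC 1982 serial arithmetic: True if serial a is older than b."""
    return a != b and ((b - a) % (1 << 32)) < HALF

def zone_digest(records) -> str:
    """Order-independent SHA-256 over the zone's records."""
    canon = "\n".join(sorted(r.lower() for r in records))
    return hashlib.sha256(canon.encode()).hexdigest()

@dataclass
class Observation:
    instance: str            # X's label for one copy of address Y
    serial: Optional[int]    # SOA serial that copy answered, None if silent
    digest: Optional[str]    # digest of the zone data that copy served

def check_copies(ref_serial, ref_digest, inventory, observations):
    """Return {instance: problem} for every copy that needs attention."""
    seen = {o.instance: o for o in observations}
    alerts = {}
    for name in inventory:
        o = seen.get(name)
        if o is None or o.serial is None:
            alerts[name] = "unreachable"
        elif serial_lt(o.serial, ref_serial):
            alerts[name] = "out-of-sync"
        elif o.serial != ref_serial or o.digest != ref_digest:
            alerts[name] = "wrong-data"
    for name in seen.keys() - set(inventory):
        alerts[name] = "unknown-copy"   # a copy X does not know about
    return alerts

def demo():
    # Constructed sample data: record strings, serials and labels are made up.
    good = ["example. 3600 IN NS ns1.example.", "example. 3600 IN A 192.0.2.1"]
    bad = ["example. 3600 IN NS ns1.example.", "example. 3600 IN A 192.0.2.66"]
    ref = zone_digest(good)
    obs = [
        Observation("isp-a", 5, zone_digest(list(reversed(good)))),
        Observation("isp-b", 4294967290, ref),     # pre-wrap serial: stale
        Observation("isp-c", 5, zone_digest(bad)),
        Observation("isp-x", 5, ref),
    ]
    return check_copies(5, ref, ["isp-a", "isp-b", "isp-c", "isp-d"], obs)

if __name__ == "__main__":
    print(demo())
```

The serial comparison wraps at 32 bits, so a copy still answering the pre-wrap serial is reported as out of sync rather than as newer than the reference.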