To:
Patrik Fältström <paf@cisco.com>
Cc:
Bruce Campbell <bruce.campbell@ripe.net>, dnsop@cafax.se
From:
Randy Bush <randy@psg.com>
Date:
Mon, 04 Nov 2002 06:52:41 -0800
Sender:
owner-dnsop@cafax.se
Subject:
Re: DoS and anycast
>>>> Under no circumstances whatsoever should Joe Random ISP be
>>>> running anycast root.
>>> Well, if they do it to their own network, thats their problem.
>>> If they advertise reachability to it without prior approval,
>>> thats everyone's problem.
>> bingo!
>> note that the large isps have been running anycast caches (and some
>> auths) for many years.
> The first sentence which was quoted said Joe Random ISP is to run one
> of the anycast root servers. What Randy says is that one organization
> controls all copies of some address which is anycasted.
i certainly did not mean to say that.
to be specific, i see no reason that the root cache ip address for
server X should not be anycast internally within multiple isps as
long as
o the isps' anycast servers serve consistent data
o the scope of the anycast routing announcement is bounded
o if X is controlled by some entity, e.g. the iana, that the
entity coordinates the mechanism(s) of zone distribution and
authentication, and maybe even has means of testing content
randy
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.