To:
Stephane Bortzmeyer <bortzmeyer@nic.fr>, Bruce Campbell <bruce.campbell@ripe.net>
Cc:
Brad Knowles <brad.knowles@skynet.be>, Bill Woodcock <woody@pch.net>, dnsop@cafax.se
From:
"J-F C. (Jefsey) Morfin" <jefsey@club-internet.fr>
Date:
Mon, 11 Nov 2002 11:38:25 +0100
In-Reply-To:
<20021108140221.GA24335@nic.fr>
Sender:
owner-dnsop@cafax.se
Subject:
Re: quibbles about what is anycast.
At 15:02 08/11/02, Stephane Bortzmeyer wrote: >RFC 3258 gave another reason why anycast will work for a set of name >servers widely spreaded (such as in Karrenberg's proposal to anycast >k.root-servers.net): The second is that the aim of this proposal is to >diversify >topological placement; for most users, this means that the >coordination of placement will ensure that new instances of a name >server will be at a significantly different cost metric from existing >instances. Some set of users may end up in the middle, but that >should be relatively rare. This only addresses the DDoS aspect. Shoul not a global security and stability vision be considered? What are the cons/pros IRT other threats? To well disseminate a wrong root information is to make sure that wrong information will be inoculated faster, better, all over. Will such a multicasted system be easily restored? Let imagine a root hacking followed by a DDoS to impeach the further root file correction to raeach one network area. Is that a stupid scenario? jfc