Re: Question on IP address used by anycast DNS cache server

North American Network Operators Group

Re: Question on IP address used by anycast DNS cache server

From: James
Date: Mon Oct 11 10:22:50 2004

On Mon, Oct 11, 2004 at 05:23:19PM +0800, Joe Shen wrote:
> 
> Hi,
> 
> I'm , but I met some questions when reading those
> paper from ISC on F-root anycasting.
> 
> 1. As it's descripted in J.Abley's paper, DNS server
> in anycast group should be configured with a real IP
> on its NIC and one or two service IP on loopback
> interface(s). BIND listen on both real IP and service
> IPs. Any DNS answer packet will be encapsulated with
> source address as service IP.  To my understanding,
> this is OK for root servers because they do not invoke
> recursive lookup procedure. But, if the DNS server is
> a member of  ISP's DNS Cache server farm, recursive
> lookup packets to other DNS server MUST be
> encapsulated with real IP address. 
> 
> Is BIND or other DNS software capable of
> distinguishing between DNS answer back packet and
> recursive lookup packets? or could this be done
> automatically by operating system like Solaris, Linux,
> FreeBSD?

options {
 query-source-address your.unicast.ip.addr;
}

> 
> 2. If we want to design a hierachical DNS service
> system which distribute across multiple private AS of
> an ISP, is there any problem to select service IP
> randomly from unused address pool? 

This is not a rocket science. Pick a /29 or /30, inject it at multiple places
with capable dns farms into your IGP, or into your IBGP with similar attribs.
Make sure unicast addresses are also supplied to name servers so that they
can source their recursive lookups from unicast, not anycast.

The difference between anycast and unicast in IPv4 is that anycast is simply
a block of what would be unicast addrs, available via multiple end points using
a routing protocol.

See http://www.nanog.org/mtg-0310/miller.html

HTH,
-J

-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
[email protected]                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net

References:
- Question on IP address used by anycast DNS cache server Joe Shen

Prev by Date: deprecating BCP38 and similar
Next by Date: Re: [OT] Good Anti-Spam Boilerplate
Date Index
Thread Index
Author Index
Historical