North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: anycasting behind different ASNs?
On Wed, 06 Dec 2006 09:38:10 -0800 matthew zeier <[email protected]> wrote: > Are there any practical issues with announcing the same route behind > different ASNs? This is known as Multiple Origin AS of which you should be able to find plenty of discussion and articles about. It's not uncommon and as far as I know generally doesn't cause any operational problems in and of itself, though doing it should be well thought out and understood since depending on how things fit into the routing topology, packets may not flow as you expect. > Shortly I'll have two seperate sites (EU, US) announcing their own space > behind their own ASNs but have a desire to anycast a particular network > out of both locations as well. In the talk on zonecheck.fr in reference to testing for authoritative DNS server set diversity at the OARC meeting, something similar to this came up: <http://public.oarci.net/oarc/workshop-2006/agenda/> That was not part of the public portion, but the slides are available. Since I basically asked that question of the presenter when AS origin diversity was highlighted as one of the tests I'll summarize what I think is a reasonable concensus on the issue in that forum. Having a single origin ASes in the NS RRset may indicate insufficient network connectivity diversity. This is commonly the case where a single AS represents a network at a geographically isolated insitution. In this case it may be appropriate to house a server on another network prefix with a different origin AS and upstream connectivity. In the case of larger networks or anycast however, this may not be such a useful measure of diversity and in fact many large DNS service providers use a single origin AS for all their server instances. One might still argue in those cases that multiple origin ASes might help mitigate problematic local policy decisions such as load balancing that is done based on an ASN or perhaps due to incorrect AS path filters, but I think most would agree that in practice that is a pretty weak argument. John