nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DNS anycasting - multiple DNS servers on same subnet Vs registrar/registry policies

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Mon, 28 May 2012 15:37:13 -0400
On May 28, 2012, at 15:24 , Anurag Bhatia wrote:

On Tue, May 29, 2012 at 12:50 AM, Tony Finch <dot () dotat at> wrote:

Anurag Bhatia <me () anuragbhatia com> wrote:


One small concern I wanted to discuss here. I know few
registry/registrars which do not accept both (or all) name servers of
domain name on same subnet. They demand at least 1 DNS server should be
on different subnet for failover reasons (old thoughts).

How one can deal with such case in case of anycasting setup which using
one single subnet everywhere?


You still want name servers on more than one subnet in case the anycast
setup breaks.


I am building redundancy within that setup. I mean it will be software
based BGP so if hardware if fried up, it will break BGP session and pull
off routes anyway and for cases like DNS server (software) failure, I will
monitor it via simple bash script which can turn bgp daemon down. So once
it is off, routing tables should take it to different node.


Famous last words: "I am building redundancy...."  As if "redundancy" stops someone else announcing your prefix and 
sucking in half the packets on the 'Net meant for you.  (Just one of many failure modes against which you cannot 
possibly defend.)

That said, IMHO, if you want to shoot yourself in the foot, you should be allowed to do so.  Your foot, your decision.  
I'm sure there are registrars out there that do not babysit you.  Find one that doesn't tell you how to run your own 
infrastructure.

And enjoy the extra spice that gives your life. :)

-- 
TTFN,
patrick
Previous By Date Next
Previous By Thread Next

Current thread: