nanog mailing list archives

Re: Recommended DNS server for a medium 20-30k users isp


From: Måns Nilsson via NANOG <nanog () lists nanog org>
Date: Sat, 9 Aug 2025 14:38:36 +0200

Subject: Re: Recommended DNS server for a medium 20-30k users isp Date: Fri, Aug 08, 2025 at 10:09:04AM -0700 Quoting William Herrin via NANOG (nanog () lists nanog org):
> On Fri, Aug 8, 2025 at 9:42 AM Josh Luthman <josh () imaginenetworksllc com> wrote:
> > I do Anycast for much much smaller.  It's great to reboot one server and have the other take all of the load.  0
> > customer interruption, not even a single DNS query lost.
>
> Hi Josh,
>
> You don't need anycast routing to do that, or more precisely you don't
> need the route to persist in an anycast state for more than a few
> seconds during the handoff. You can implement dynamic but still
> unicast routing to the DNS servers without incurring the wrath of the
> anycast gods.

The elephant in the room is cascading failures. Other than that, I'd
not want to be without anycast for its service level record. I don't
have to be up in the middle of the night to patch my resolvers. I can
take the most loaded one out of service at any time by shutting down BGP,
waiting a couple of seconds, and it will be completely drained of requests,
and I can reboot. No customer or end user is going to notice.

Regarding TCP, yes, this is a potential issue. You can think about it and
it will grow in your mind, or you can do some observations and conclude
that unless you messed your routing up really badly (which is not DNS'
fault but still on-topic here) the mean session length for a client-to-
first-hop resolver TCP session is going to be orders of magnitude shorter
than the times between routing updates that make a certain router change
its mind about which anycast node is the closest one. Further, I'd make
an educated guess and say that the recursion traffic going from resolver
to auth server is much more likely to hit TCP. And that is unicast all
the way.  Also, EDNS0. We usually have ~1200 bytes to play with. Not 512.

YMMV. 
-- 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE           SA0XLR            +46 705 989668
YOW!!  Everybody out of the GENETIC POOL!

_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/ZIWKWBDSR4GBLC7FJT7I72CC3TIBYHWL/
