nanog mailing list archives
anycast (Re: Internet vulnerabilities)
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Fri, 5 Jul 2002 16:55:38 +0000 (GMT)
ME> Date: Fri, 05 Jul 2002 12:28:46 -0400 ME> From: Marshall Eubanks ME> Let's go through this a little. ME> ME> Let's say that you and I are running the foo service in ME> anycast. You announce the foo IP address (say in a /24) ME> behind your AS, I announce the same /24 behind my AS. Now, if ME> my foo server goes down, how do my routers know to withdraw The server must have some routing intelligence. The simplest case is a machine running Zebra speaking BGP or OSPF; if Zebra is up, so is the route. A process can monitor DNS and kill the route if needed. Better yet, hack Zebra. Use Unix domain sockets and hack BIND to send keepalives to Zebra. Or have Zebra launch BIND (a la DJB's daemontools) and watch for SIGCHLD or use kqueue() on FreeBSD or OpenBSD. Remember to apply some dampening before spewing IGP equivalent into global tables. ME> the announcements ? If they don't, why wouldn't people ME> "closer" to me still try and get the foo service from me, ME> alas, without success. That's what I meant. Yes, shortest path wins. That's why the routes must be yanked when DNS dies. If you have an internal backbone, anycast gets easier. Hint: no MEDs needed (or even wanted), many BGP speakers, aggregation. Stable routes to the outside world, and your IGP deals with dead servers. ME> Or, are you saying that an anycast host has to be a router ME> running BGP ? So if it goes down, so would the service and Perhaps not BGP, but some routing intelligence. ME> the announcements? This works for DNS, but not for the things ME> I would like to anycast. What would you like to anycast? Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist () brics com> To: blacklist () brics com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist () brics com>, or you are likely to be blocked.
Current thread:
- Re: Internet vulnerabilities, (continued)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- Re: Internet vulnerabilities Bill Woodcock (Jul 05)
- RE: Internet vulnerabilities Barry Raveendran Greene (Jul 05)
- RE: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- Re: Internet vulnerabilities Stephen J. Wilcox (Jul 05)
- Re: Internet vulnerabilities Lars Erik Gullerud (Jul 05)
- anycast DNS (Re: Internet vulnerabilities) E.B. Dreger (Jul 05)
- Re: Internet vulnerabilities Rodney Joffe (Jul 05)
- Re: Internet vulnerabilities Marshall Eubanks (Jul 05)
- anycast (Re: Internet vulnerabilities) E.B. Dreger (Jul 05)
- Re: Internet vulnerabilities Bill Woodcock (Jul 05)
- Re: Internet vulnerabilities Rodney Joffe (Jul 05)
- Re: Internet vulnerabilities Stephen Griffin (Jul 07)
- WorldComm Fiber Cut???? Gerardo A. Gregory (Jul 07)
- Re: WorldComm Fiber Cut???? Sean Donelan (Jul 07)
- Re: WorldComm Fiber Cut???? neil d. quiogue (Jul 07)
- Re: WorldComm Fiber Cut???? Pawlukiewicz Jane (Jul 08)
- Re: Internet vulnerabilities Richard A Steenbergen (Jul 07)
- Re: Internet vulnerabilities Bill Woodcock (Jul 07)
- RE: Internet vulnerabilities Bill Woodcock (Jul 05)