nanog mailing list archives
Re: Anycast provider for SMTP?
From: William Herrin <bill () herrin us>
Date: Mon, 15 Jun 2015 14:54:40 -0400
On Mon, Jun 15, 2015 at 2:13 PM, Bill Woodcock <woody () pch net> wrote:
> Or you could skip the MX records, and just put both US and European SMTP servers on the same IP address, which would save a lot of steps and simplify the system, but leave you with the _very_ occasional corner-case of someone equal-path-length load-balancing traffic to you such that half of one TCP session goes to Europe, and half to the US. That’s a bogeyman that scares a lot of people into not using anycast for TCP services, particularly long-lived ones, but it’s a theoretical problem rather than an actually-observed-in-the-wild problem. But since it scares people, it’s probably safer just doing the DNS anycast, rather than SMTP anycast, to avoid startling the easily-upset out there. :-)

If I had a dollar for every system that's collapsed from a known but previously "theoretical" problem...

It's only theoretical until a VIP can't connect. Deploy a system without covering the corner cases and your comeuppance is assured.

Okay, granted you can probably cover your corner case here with a priority 20 MX that leads to a unicast address on one of the two servers. SMTP can let the rare fellow with the bisected packet flow gracefully fall back. Nevertheless, I think you've offered some really bad advice here Bill.

Hijackers killing the passengers was a bogeyman too. If you just kept calm and cooperated, you lived through it. Until you didn't, and allowed yourself to be an instrument in killing thousands on the ground as a bonus. Sometimes the math offers really bad advice.

On Mon, Jun 15, 2015 at 2:28 PM, Nick Hilliard <nick () foobar org> wrote:
> On 15/06/2015 19:09, William Herrin wrote:
>> Anycast + TCP = much pain, for reasons which should be obvious.
>
> This was presented at some conference or other a couple of years ago:
> https://www.nanog.org/meetings/nanog37/presentations/matt.levine.pdf

Thought the comment on page 22 was apropos: their plan is to be dead before future change catches up with them.

Regards,
Bill Herrin

--
William Herrin ................ herrin () dirtside com bill () herrin us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
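
The fallback mentioned in the message above (a priority 20 MX on a unicast address behind the anycast MX), as an added example that is not part of the original post: a sending MTA's walk through the MX list when its session to the anycast address breaks. The domain, hostnames, preference 10 for the anycast record and the simulated `send` callables are assumptions; no real DNS or sockets are used.

```python
import random

# Constructed MX set for the hypothetical domain example.org:
# preference 10 -> anycast address shared by the US and European servers,
# preference 20 -> unicast address on one of the two servers.
MX_RECORDS = [(20, "mx-unicast.example.org"), (10, "mx-anycast.example.org")]


class SessionBroken(Exception):
    """TCP session failed (refused, reset or timed out) before the final 250."""


def order_mx(records, rng=random):
    """Lowest preference first; hosts sharing a preference are shuffled."""
    by_pref = {}
    for pref, host in records:
        by_pref.setdefault(pref, []).append(host)
    ordered = []
    for pref in sorted(by_pref):
        rng.shuffle(by_pref[pref])
        ordered.extend(by_pref[pref])
    return ordered


def deliver(records, send):
    """Walk the MX list; return (accepting host or None, hosts that failed).

    send(host) stands in for a whole SMTP transaction (assumption: no real
    DNS or sockets here) and raises SessionBroken if the connection dies.
    """
    failed = []
    for host in order_mx(records):
        try:
            send(host)
            return host, failed
        except SessionBroken:
            failed.append(host)  # try the next preference instead of bouncing
    return None, failed  # nothing accepted: the message stays queued for retry


def split_path_sender(host):
    """Constructed sender whose packets to the anycast address reach both sites."""
    if host == "mx-anycast.example.org":
        raise SessionBroken("reset by the site that never saw the SYN")


def normal_sender(host):
    """Constructed sender with a stable path: every session completes."""
```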