just a brief note about anycast

2003-12-08 09:14:06
I realize that the anycast discussion was meant by Karl as an example. But there was precisely one technical concern I had when discussion got going. And that was that if something went wrong, meaning that someone was returning bad data, the IP address wouldn't necessarily provide a clear answer as to who the source of the bad data is.

I expressed this concern privately to Paul Vixie who provided me a very satisfactory answer: you can query the name server for a record that will provide you uniquely identifying information. I'll let Paul describe this, but it amounts to the borrowing of an unused class for management purposes.

While there is always room for improvement of course, Paul's answers make it clear to me that the root folk have given this some fairly careful thought. I also agree with Paul on another point: different methods used by different servers ARE a good thing, so that no one logical attack could take them all out.

Good documentation is also really important. It turns out there is some for F, at least. See http://www.isc.org/tn/isc-tn-2003-1.html by Joe Abley.

Eliot
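
Added example, not part of the original message or of any root operator's tooling: a sketch of the identification query the message describes, asking a server for a TXT record in the CHAOS (CH) class so that the reply names the instance that answered. The message does not name the record; `hostname.bind`, which BIND servers answer for this purpose, is assumed here, and the response bytes are constructed for offline parsing rather than captured.

```python
import socket, struct

CLASS_CH, TYPE_TXT = 3, 16  # CHAOS class (borrowed for management), TXT type

def build_query(qname, txid):  # standard query, no recursion: <qname> CH TXT
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in qname.split("."))
    return (struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0) + labels + b"\x00"
            + struct.pack("!HH", TYPE_TXT, CLASS_CH))

def skip_name(msg, off):  # offset just past an encoded (possibly compressed) name
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:      # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + n

def parse_txt_answers(msg, txid):  # CH TXT strings; rejects mismatched replies
    rid, flags, qd, an = struct.unpack("!HHHH", msg[:8])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to this query")
    if flags & 0x000F:
        raise ValueError("server refused or failed: RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # QTYPE + QCLASS
    texts = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        if (rtype, rclass) == (TYPE_TXT, CLASS_CH):
            parts, i = [], 0
            while i < len(rdata):              # length-prefixed character-strings
                parts.append(rdata[i + 1:i + 1 + rdata[i]])
                i += 1 + rdata[i]
            texts.append(b"".join(parts).decode("ascii", "replace"))
    return texts

def identify_instance(server_ip, qname="hostname.bind", txid=0x1234, timeout=3.0):
    # Needs network access: asks one anycast address which instance answered.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(qname, txid), (server_ip, 53))
        return parse_txt_answers(s.recv(4096), txid)

def constructed_response(query, text):  # constructed sample reply, not captured
    rdata = bytes([len(text)]) + text.encode("ascii")
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_TXT, CLASS_CH, 0, len(rdata)) + rdata
    return query[:2] + struct.pack("!HHHHH", 0x8400, 1, 1, 0, 0) + query[12:] + answer
```

Running `identify_instance` against the same anycast address from several vantage points, and logging the returned string next to any suspect answer, gives the attribution the IP address alone cannot.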