![Page 1: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/1.jpg)
Anycast DNS
![Page 2: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/2.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Outline
Current Anycast routing Anycast implemented Problems resolved Future
![Page 3: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/3.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Definitions
DNS Authoritative Recursive/Caching
![Page 4: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/4.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Current DNS
IP Address Management: Maintain DNS: ISC BIND
![Page 5: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/5.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Current DNS – Layer 1
![Page 6: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/6.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Current DNS Layer 7
![Page 7: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/7.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
DNS Problems 1
Load Redundancy Configuration
![Page 8: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/8.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
DNS Problems 2
Constituency Caching Monitoring Complexity Non-standard Domains
![Page 9: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/9.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
DNS Requirements
Availability Redundancy Complexity Integration
![Page 10: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/10.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
“New” DNS Design*
+Linux +ISC Bind+Cfengine+Anycast Routing
![Page 11: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/11.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Why Linux?
Cost Hardware
![Page 12: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/12.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Routing - Unicast
Single machine to single machine
Web browsing
![Page 13: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/13.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Routing - Broadcast
Single machine to all
ARP lookup
![Page 14: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/14.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Routing - Multicast
Single machine to some (not all)
Save resources IP TV
![Page 15: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/15.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Routing - Anycast
Single machine to one of some
DNS/RADIUS/NTP
Single machine to one of some
DNS/RADIUS/NTP
![Page 16: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/16.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Anycast – Is it new?
95% of the root name servers Corporations (eg: easydns.com) Google
![Page 17: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/17.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Anycast - Implemented 1
RHEL host runs Quagga (open source router)
Hosts have a /30 uplink to a constituency router
![Page 18: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/18.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Anycast - Implemented 2
The router config for cr-adns-mc-1
router ospf ospf router-id 129.97.2.54 passive-interface sit0 network 129.97.2.1/32 area 0.0.0.1 network 129.97.2.2/32 area 0.0.0.1 network 129.97.2.52/30 area 0.0.0.1 network 172.16.3.0/32 area 0.0.0.1
![Page 19: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/19.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Anycast - Implemented 3Routing entry for 129.97.2.1/32
Known via "ospf 10", distance 110, metric 11, type intra area
Last update from 129.97.2.54 on Vlan505, 1d05h ago
Routing Descriptor Blocks:
129.97.2.74, from 129.97.2.74, 1d05h ago, via Vlan500
Route metric is 11, traffic share count is 1
* 129.97.2.66, from 129.97.2.66, 1d05h ago, via Vlan502
Route metric is 11, traffic share count is 1
129.97.2.62, from 129.97.2.62, 1d05h ago, via Vlan503
Route metric is 11, traffic share count is 1
![Page 20: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/20.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Anycast Cluster – Layer 1
![Page 21: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/21.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Failure - Single Node
Hardware Failure
Network failure Routine
Maintenance
![Page 22: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/22.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Failure - Single Node
![Page 23: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/23.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Failure – MC Machine Room
![Page 24: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/24.jpg)
![Page 25: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/25.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Failure – All MC
![Page 26: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/26.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Failure Timings
Expected Worst case: 65s Technical Worst case: 105s Mitigate with unicast secondary
![Page 27: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/27.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Load - Authoritative
![Page 28: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/28.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Load - Caching
![Page 29: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/29.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Problems Addressed – Total Load
Current Total 9/5k Anycast Total 100/30K Load ~ 2k/sec Auth = 2/3
![Page 30: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/30.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Problems Addressed – Redundancy
Anycast DNS provides non instant automated fail-over
![Page 31: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/31.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Problems Addressed – Configuration
Single config for all Anycast servers
![Page 32: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/32.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Problem Addressed - Constituency Caching
Can only recommend
![Page 33: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/33.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Problems Addressed - Monitoring
![Page 34: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/34.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Problem Addressed - Complexity
Still complex layout Automated
![Page 35: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/35.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
But what about the dots?
Stern warning
![Page 36: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/36.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Time lineDate Item
Done
Jan 2010
Mar 2010
Mar 2010 All: change DNS option DHCP machine
Jun 2010 All: change DNS hard-coded servers
Sep 2010
Wireless (Campus + Resnet)
Campus: Admin
Resnet: Using new DNS
Shutdown of 129.97.128.100
![Page 37: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/37.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Try it
$ dig +short @129.97.2.1 HOSTNAME.BIND CH TXT
"cr-adns-ech-1"
>nslookup -type=TXT -class=CHAOS HOSTNAME.BIND 129.97.2.1
Server: cn-ns1.uwaterloo.ca
Address: 129.97.2.1
HOSTNAME.BIND text =
"cr-adns-ech-1"
![Page 38: Anycast DNS. WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS Outline Current Anycast routing Anycast implemented Problems resolved](https://reader030.vdocuments.us/reader030/viewer/2022032612/56649ec65503460f94bd2013/html5/thumbnails/38.jpg)
WatITis | Strengthening Collaboration | December 8, 2009 | Anycast DNS
Future
NS1 Slave diversity Second Cluster MS DNS / DDNS DHCP