1 / 11

Anycast in CZ

Anycast in CZ. CZ.NIC z.s.p.o. Jaromir Talir jaromir.talir@nic.cz 8. 9. 2009. Agenda. What is it anycast Why to use anycast How to implement anycast RIPE anycast address allocation policies Current anycast usage: AS 112, F-root, secondary nameservers Future plans. What is anycast.

iren
Download Presentation

Anycast in CZ

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Anycast in CZ CZ.NIC z.s.p.o. Jaromir Talir jaromir.talir@nic.cz 8. 9. 2009 1

  2. 2 Agenda What is it anycast Why to use anycast How to implement anycast RIPE anycast address allocation policies Current anycast usage: AS 112, F-root, secondary nameservers Future plans

  3. 3 What is anycast Routing scheme for one source to many destination internet comunication Different hosts advertise the same IP address Only nearest point is chosen (potentially different for each packet) Most suitable for connectionless internet protocols (UDP)

  4. 4 Why to use anycast Enhanced reliability Load balancing Reducing latency Ideal for DNS packets Attack againts root servers February 2007 6 root servers were under massive DDOS Worst affected 2 root servers without anycast

  5. 5 How to implement anycast Protocol independant BGP, OSFP ... Apply for anycast address There is dedicated block that is supposed not to be filtered DNS host must have installed routing daemon BIRD – open source routing daemon as CZ.NIC Labs project Quagga – or other for diversification

  6. 6 RIPE – Anycast address allocation policy September 2006 – June 2009 Only TLD operators that fail to pass IANA test for root servers Only 1 /24 prefix Since June 2009 Initiated by CZ.NIC and Nominet All TLD and ENUM operators 4 /24 prefixes per TLD and 4 /24 prefixes per ENUM zone

  7. 7 AS 112 PTR queries for private addresses (RFC1918), dynamic DNS updates and other communication to root servers Anycast DNS servers to catch invalid queries Since 2004 in NIX.CZ

  8. 8 F-Root Operated by ISC since 1994 Anycasted on 49 places In CZ.NIC since July 2004 Traffic statistics from last 30 days (in kb/s): Out: max=885.3, avg=383.6, min=325.8 In: max=359.7, avg=149.0, min=155.3

  9. 9 Secondary DNS for CZ 6 secondary servers a-f.ns.nic.cz 2x Prague, 1x Stocholm, 1x Wien, 1x London 1x anycast (d.ns.nic.cz) Operating since 2006 Located in Prague, Brno, Frankfurt and ISC (USA)

  10. 10 Future plans More anycast secondary servers Using new RIPE policy 4 anycast addresses already allocated Anycasting of current unicast servers Reducing number of nameservers in zonefile from 6 to 4 Bring some other root server into Prague

  11. 11 Questions • Jaromir Talir • jaromir.talir@nic.cz

More Related