On Oct 25, 2013, at 1:33 PM, Edward Lewis <[email protected]> wrote:
> Randy, > > On Oct 25, 2013, at 9:45, Randy Bush wrote: > >> the ip address clumping would worry me if i thought they were not anycast. > > Anycast or not, I wouldn't think this is a problem. Meaning, I don't see why > this would be a problem with unicast. Assuming that (for v4) the /24's are > independently routed, it wouldn't matter if the numbers are numerically close > or not. Well, it *might* -- having a wider separation of addresses (and multiple AS#) reduce the risk of someone accidentally misconfiguring an ACL and blocking access…. Lets say your space is 192.0.2.0/24 and 192.0.3.0/24 -- it's possible that someone intending to ACL 192.0.0.0/24 and 192.0.1.0/24 makes a booboo and ACLs off 192.0.0.0/22 instead of 192.0.0.0/23. While this sound alike a theoretical / unlikely issue, it *does* happen -- ask me how I know… W > > I ask because I might be missing something. And assuming it's a given that > to an external endpoint, anycast is indistinguishable to unicast. I can't > tell if that's two routes to a multi-homed LAN or two routes that diverge > geographically. > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Edward Lewis > NeuStar You can leave a voice message at +1-571-434-5468 > > There are no answers - just tradeoffs, decisions, and responses. > > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs -- She'd even given herself a middle initial - X - which stood for "someone who has a cool and exciting middle name". -- (Terry Pratchett, Maskerade) _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
