Dean Anderson wrote:
The load balancer is really just a special kind of stateful NAT.
No.

Load balancers can load balance, without any translation being done at all.

And a load balancer is by definition doing *anycast*.
The same address is used as a destination, and the packets are delivered to multiple hosts.
That is anycast.

Anycast can be either, or both of, global load balancer (using network announcements for accomplishing anycast), or local load balancer (using L2/L4 to serve multiple servers from a single apparent host address.)

It's sort of like how what we call a layer-2 "switch", is just an n-port "bridge".
Stateful NATs and load balancers keep TCP state for an hour+. Otherwise
your SSH sessions would drop.
I beg to differ. NATs may keep multi-hour sessions up, however...

The load balancers I am familiar with, and those would be the ones relevant to anycast, have a default timeout on TCP of 5 minutes.
I haven't argued against using load balancers, or firewalls.
Well, I guess that makes you an *inconsistent* crackpot.

If you continue to argue against anycast, you should also argue against load balancers, application layer gateways, network address translators, and stateful firewalls. And perhaps seat belts.
And what exactly *is* "the anycast problem"
http://www.av8.net/IETF-watch/DNSRootAnycast/History.html
(BTW - many of the links from your kitchen sink, return 404 errors. As does the "admin" link for av8.net's home page.)
For most people on this list, this is common knowledge.
After having read your sad story, I can only say: my condolences to them.

Of course, the "history" doesn't seem to do anything other than say, repeatedly, "There is a problem with anycast." (If you read my original request, I was asking what the problem is, not what the history is, or what any of the meta-arguments have been about.)

The one minor thing you seem to have raised in, what, several *years* (?), is your RFC 1812 overture.

Which is basically, that unless a root server answers every query it gets, it is in violation of the RFC.

Well, guess what - if PPLB occurs, and the properly formed query never *gets* to the root server, that's the *network's* problem, not a DNS problem or RFC violation. QED.

Oh, and it's only a real problem if it happens consistently, for requests to *all* authority servers for a given zone. As long as there's a *single* non-anycast instance, or as long as the anycast instances don't *all* have the *same* load balancing cost, it's not a big deal.

I'd now like to address the rest of the technical content of the site:

Okay. That was easy.

BTW, your "history" as such, ends with you being banned from *this* list.
How appropriate.

(Apologies to everyone else. Didn't realize I was feeding a troll.)

Brian

_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
