lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140111134659.GC4698@cpaasch-mac>
Date:	Sat, 11 Jan 2014 14:46:59 +0100
From:	Christoph Paasch <christoph.paasch@...ouvain.be>
To:	François-Xavier Le Bail <fx.lebail@...oo.com>
Cc:	Alexey Kuznetsov <kuznet@....inr.ac.ru>, netdev@...r.kernel.org,
	Hannes Frederic Sowa <hannes@...essinduktion.org>,
	"David S. Miller" <davem@...emloft.net>,
	James Morris <jmorris@...ei.org>,
	Hideaki Yoshifuji <yoshfuji@...ux-ipv6.org>,
	Patrick McHardy <kaber@...sh.net>
Subject: Re: [PATCH net-next] IPv6: enable TCP to use an anycast address

On 11/01/14 - 05:06:10, François-Xavier Le Bail wrote:
> On Sat, 1/11/14, Alexey Kuznetsov <kuznet@....inr.ac.ru> wrote:
> As said in http://tools.ietf.org/html/draft-iab-anycast-arch-implications-12.html#section-2.1
> (this informational draft is in RCF queue)

This draft does not say that TCP should be used with anycast
addresses. Rather the opposite:

"  This document does not treat in any depth
   the fact that there are deployed services with TCP transport using
   anycast today.  Evidence exists to suggest that such practice is not
   "safe" in the traditional and architectural sense (as described in
   Section 4.2). "

And Section 4.2 gives more information.
http://tools.ietf.org/html/draft-iab-anycast-arch-implications-12.html#section-4.2


Christoph

> 
> "  No firm conclusion was reached regarding
>    use of TCP with anycasted services, but it was observed that
>    anycasting was useful for DNS, although it did introduce some new
>    complexities."
> 
> For this works, there is need for appropriate routing (BGP, ...).
> 
> Many DNS root-servers use TCP with anycast (IPv4 and IPV6).
> 
> see : http://tools.ietf.org/html/draft-jabley-dnsop-anycast-mapping-04#section-4
> 
> "   L-Root service is provided using a single IPv4 address (199.7.83.42)
>    and a single IPv6 address (2001:500:3::42).  It should be noted that
>    it is preferable to refer to the service using its DNS name (L.ROOT-
>    SERVERS.NET) rather than literal addresses, since addresses can
>    change from time to time."
> 
> François-Xavier Le Bail
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ