Re: [dns-privacy] Possible use case: Opportunistic encryption for recursive to authoritative

Ask Bjørn Hansen <ask@develooper.com> Sat, 08 August 2020 21:54 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/SBhjYvOKDeysiRVAVIUSxcCcQiw>


> On Aug 8, 2020, at 11:57 AM, Brian Haberman <brian@innovationslab.net> wrote:
> 
> Does anyone have numbers on how many authoritative servers use anycast
> for load balancing?

I don’t have data (and haven’t looked into it recently), but I think it’s a very safe assumption that

- most of the authoritative servers don’t use anycast
- most authoritative queries (for an average resolver) go to servers that use anycast


Ask

p.s. If you meant “for load balancing” to narrow which anycast deployments you are counting then it’s impossible to figure out unless you talk to each operator to find out what their motivations to use anycast were — performance, load balancing, resiliency, …