Anycasting Assignments for TLDs and Tier 0/1 ENUM
You're looking at an older version: 2
The current (published) version is 4- State:
- Accepted
- Publication date
- Affects
- Draft document
- Draft
- Authors
- Proposal Version
- 4.0 - 27 Apr 2009
- All Versions
-
- Accepted
- 09 Jun 2009
- Working Group
- Address Policy Working Group
- Proposal type
-
- Modify
- Policy term
- Permanent
- New RIPE Documents
Summary of Proposal:
The proposal is to allow Tier 0/1 ENUM operators to receive IPv4 and IPv6 anycasting assignments and extend the number of anycasting prefixes that can be assigned to an operator from one to up to four assignments.
Policy text
a. Current (if modify):
From RIPE-424
6.9 Anycasting TLD Nameservers
If the name server set of a ccTLD or a gTLD without anycasting technology applied would not pass the 'IANA Administrative Procedure for Root Zone Name Server Delegation and Glue Data' the TLD administrator may receive a single dedicated /24 network prefix for the sole purpose of anycasting name servers, as described in RFC 3258.
The prefix will be assigned by the RIPE NCC directly to the TLD, upon a request submitted via an existing LIR and will be registered with a status of 'ASSIGNED ANYCAST' in the RIPE Database and must be returned to the RIPE NCC if not in use for anycast DNS any longer.
b. New:
6.9 Anycasting TLD and Tier 0/1 ENUM Nameservers
Critical DNS infrastructure is defined as infrastructure providing Authoritative TLD or ENUM Tier 0/1 DNS lookup services.
The organisation(s) applicable under this policy are TLDs operators as defined by IANA and ENUM operators as defined by the ITU.
The organisation may receive up to four /24 prefixes per TLD/ENUM. These prefixes must be used for the sole purpose of anycasting authoratitve DNS servers for the stated TLD/ENUM, as described in RFC 3258.
Assignments for Critical DNS infrastructure are subject to Provider Independent (PI) number resource policies as described in this document and also to the policies described in the RIPE NCC document entitled "Contractual Requirements for Provider Independent Resources Holders in the RIPE NCC Service Region".
Anycasting assignments are registered with a status of 'ASSIGNED ANYCAST' in the RIPE Database and must be returned to the RIPE NCC if not in use for Critical DNS infrastructure any longer.
a. Current (if modify):
From RIPE-421
7. Assignments for Anycasting TLD Nameservers
If the name server set of a ccTLD or a gTLD without anycasting technology applied would not pass the 'IANA Administrative Procedure for Root Zone Name Server Delegation and Glue Data' the TLD or ENUM administrator may receive a single dedicated /48 network prefix for the sole purpose of anycasting name servers, as described in RFC 3258.
The prefix will be assigned by the RIPE NCC directly to the TLD, upon a request submitted via an existing LIR and will be registered with a status of 'ASSIGNED ANYCAST' in the RIPE Database and must be returned to the RIPE NCC if not in use for anycast DNS any longer.
b. New
7. Assignments for Anycasting TLD Nameservers
Critical DNS infrastructure is defined as infrastructure providing Authoratitve TLD or ENUM Tier 0/1 DNS lookup services.
The organisation(s) applicable under this policy are TLDs operators as defined by IANA and ENUM operators as defined by the ITU. The organisation may receive up to four /48 prefixes per TLD/ENUM. These prefixes must be used for the sole purpose of anycasting authoratitve DNS servers for the stated TLD/ENUM, as described in RFC 3258.
The prefix will be assigned by the RIPE NCC directly to the organisation, upon a request properly submitted to the RIPE NCC, either directly or through a sponsoring LIR. Assignments for Critical DNS infrastructure are subject to the policies described in the RIPE NCC document entitled "Contractual Requirements for Provider Independent Resources Holders in the RIPE NCC Service Region".
Anycasting assignments are registered with a status of 'ASSIGNED ANYCAST' in the RIPE Database and must be returned to the RIPE NCC if not in use for critical DNS infrastructure any longer.
Rationale:
a. Arguments supporting the proposal
It was stated at the recent RIPE meeting by multiple operators that one /24 allocation is not enough and it's blocking the efficient deployment of anycast. If deployment of anycast is increased it could keep (or decrease) the number of NS records per TLD/ENUM, in turn this would enable operators to keep DNS reply size low even with DNSSEC.
The other regions already have a policy in place where multiple prefixes can be assigned to a single operator where such a need is justified.
Comparisons of current RIRs policies regarding DNS anycast assignments for TLD and/or ENUM Tier 0/1 can be found at:
ENUM has also been included as this is a comparable level of critical DNS infrastructure so should be given the same opportunity.
b. Arguments opposing the proposal
Some people may argue that this will cause some waste of address space and additional entries in routing tables but the number of TLD/ENUM operators is limited and so such impact should be minimal.
It should also be noted that this proposal is more conservative in comparison with the policy in place in the other regions.
Some people may ask why TLD and ENUM operators should get special assignments. Due to well-understood DNS protocol limitations, the resiliency of DNS can't be increased beyond a given point without using anycast technology, so there's a strong technical reasoning. On the other hand, the number of TLD and ENUM tier 0/1 operators is limited to a few hundred, so the potential for routing table growth is limited.