[dns-wg] New on RIPE Labs: New Architecture Model for K-root Local Instances

Hi Randy, all,
Thanks for your questions.

On 15/03/12 03:40 , Randy Bush wrote:
> hi mirjam, romeo, et alia,
> 
> this looke cool, and lighter weight.  but a few questions as usual.
>> In the new model, the K-root hosted node will only peer with one
>> party, the local host, and the local host is responsible for further
>> propagation of the K-root prefix[1]
> 
> does this add an as hop, or are you hiding in the host's asn, or using a
> private (and thus stripped) asn? 

There is no hiding or stripping of the prefix, so yes, this will add a
hop.

The global or core nodes will of course be connected as currently to
major IXP's, announcing the prefix directly. It is possible that there
is an impact on routing for some of the clients currently behind
local/hosted nodes, however this currently adds up to about 10% of the
query load. Also, we do expect a substantial uptake of new hosts, so
this will result in a more finer grained distribution of K-root.

> and can you explain the motivation for
> radically reducing the bgp out-degree?

There are two drivers for that. We receive many requests from
prospective new K-root hosts. We have considered how to respond to this
demand from the community. This made us propose this smaller footprint
server, enabling a wider variety of hosts at a lower cost. So, one
driver for changing the BGP routing model, is in the simplified
hardware. We prefer the single server to spend it's time on answering
DNS queries, rather than spend its cycles on routing BGP.

The second driver is that we spend a relatively large amount of
engineering time on peering management for each instance. In the new
model that factor is obviously reduced a lot, which allows us to scale
the number of instances and achieve a finer grained distribution without
a large increase in management and engineering effort.

>> 1/ For an old-style local node, the anycast prefix was advertised with
>> the "no-export" community string set, in order to limit the scope of
>> the prefix propagation. This is no longer the case in the new design.
> 
> are you intending the node actually propagate globally, or hoping the
> one bgp peer adds NO_EXPORT?

We will discuss with hosts how they propagate the K-root prefix on a
case by case basis. Some may prefer to distribute only locally, others
may propagate globally. We expect of course that they tune this
according to local capacity. We will monitor, using for example RIPE
Atlas and DNSMON, the actual impact on K-root reachability for end users
and work with the local hosts to optimize routing where needed.

Thanks,
Romeo

> randy
> 
>