Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : detecting anycast, possible?

[aww]

Is it possible to determine if a nameserver is using anycast or is it completely transparent from the client side?

Thanks for any ideas...

[stephanhughson]

Normally each computer that needs to lookup DNS information just has whichever nameservers it should speak to listed in a file/setting.

So for my own server, I tell it to speak to my ISP's nameservers. My ISP's nameservers speak to the root servers.

The root servers themselves are distributed all over the world and the same IP address can actually be shared between more than one. It's a bit tricky to explain.


Is this what you mean, or are you after other information. Can you give more details about what you are trying to find out please?

[LinkLine_1]

You might be able to detect it with some educated examination of the network the server is on, as well as traceroutes from various spots on the internet. The easiest way is to ask whoever runs it.

In general, the client does not care or know that it's using an anycasted service, especially DNS.

[Jonathan Kinney]

I would say, from an end user standpoint, you would not be able to tell without actually asking the network administrator or the administrator of that DNS server. Well unless it was an entire network that is connected via a hub, and you have a physical server on that same hub, then you could sniff packets and see what is going on, but that would be so absurd, it would be comical.

[plumsauce]

Are you asking if it makes any difference or if it can be determined?

1. it is of no practical difference to the end user

2. it is detectable by a sufficiently curious observer

Any vendor claiming to do anycast dns who is not will eventually be found out.

[aww]

Thanks for all the feedback.

I am asking from a technical curiosity and to learn, I realize it makes little difference to the end user but it does make a difference in performance and reliability.

I indeed want to detect it to confirm vendor claims and to find other vendors who may not be "advertising" it.

Sometimes it's easier to try to figure it out yourself than make a general inquiry to a host and get a ignorant answer from an entry-level tech who doesn't even know what anycast is.

However I did come up with one idea on my own but not certain if it would work. By doing several UDP traceroutes to the nameserver, you could count the hops for each request. If they are not the same, then it's probably anycast. Unicast should always be the same number of hops?

What do you think of that logic? The only problem I am running into is I think one of the firewalls in the chain I am using is dropping my packets during my tests.

[TowerOfPower]

I don't think that would work at all.

If you want to learn about anycast you will need to learn what BGP is.

[jhitchco]

Quote:

Originally Posted by aww

What do you think of that logic? The only problem I am running into is I think one of the firewalls in the chain I am using is dropping my packets during my tests.

That's not going to work. There is no sure way to prove or disprove anycast. The Wikipedia article about anycast has a good background. Anycast is just the technique of announcing the same IP space from more than one location (which may mean by provider or by geographic region). Routing then takes end users reaching IPs in that block based on autonomous system number.

Practically speaking, search for a looking glass of a tier 1 network and then do a few traceroutes to the server which is claimed to be anycast from different locations (west coast, east coast, Asia). Not all anycasts are equal as some are anycasted within the domestic United States and some are "real" by being global.

Jeremy
--
Jeremy Hitchcock
Dynamic Network Services, Inc.