undefined | Better HN

0 pointsmschuster917y ago0 comments

> and the internal segment would not break if the outside routes suddenly disappeared.

Not when your default nameserver is 8.8.8.8. Or your NTP source is set to the public NTP pools.

There is definitely a benefit in doing a "we are isolated" scenario test once in a while to prepare for such incidents...

0 comments

8.8.8.8 is anycast, it is announced locally in many places around the world.

Is there a local instance of it in Russia? What happens when that server can’t reach any upstreams?

Yes there is, but if there wasn't it's easy enough for a government controlled provider to advertise it (and 1.1.1.1 etc).

China (and others) can also simply intercept all udp traffic to port 53.

There is. Only Google can answer the second question with certainty, but I'm 99% sure its upstreams are http://root-servers.org

j / k navigate · click thread line to collapse