On 18/09/2013, at 8:25 PM, Don Stokes wrote:
We already do this with the blackhole-*.iana.org addresses - we just announce the /32 routes into our internal routing table, just like any other internal service IP address. All I need to do is add 8.8.8.8 to my local forwarders, and they'll anycast the address to our downstreams.
In the blackhole*.iana.org case we're doing something recommended to prevent bogus traffic from going outside our provider net, not hijacking another provider's service.
That's the philosophical problem - it's not "can I do it without breaking the internet?", but "should I?", given that those using 8.8.8.8 probably don't understand that it's - in most cases - probably giving them a worse experience than asking locally. You could argue that it's "fixing the Internet" for the naive user.
But Google DNS is not "standard" DNS. How non-standard it is isn't clear, but ... well, it's Google ... so providing something that behaves "differently" to Google DNS at the Google DNS address does strike me as rude. But is it actually bad?
Note that I'm not proposing to do this on our infrastructure, because we have a customer base that for the most part either has clue, or punts clue to us. But other providers might think differently...
Maybe something better would be getting an IANA assigned address for providers to stick on their DNS servers, and everyone can anycast it. I thought that would be handy a few years back, and started writing up an I-D for it, and for other services like NTP etc. My doc was for v6, but no reason it couldn't be whatever you wanted. The idea was to propose it as an alternative to whatever that RFC was that put DNS addresses into RA messages, but never got around to finishing it and people who were into the RA thing were pretty rabidly into it, the ball was very much rolling downhill at that point.

I think hijacking Google's address is pretty nasty. Though, I did once propose hijacking whatever teredo.ipv6.microsoft.com resolves to, so, I guess I can't be too critical of the idea :-)

It'd be handy if Google put 8.8.8.8 on GGC servers. They exist most places Akamai exists, I'd imagine - or near enough at least.

--
Nathan Ward