On 05-Oct-21 11:03, Ofer Inbar wrote: > Behcet Sarikaya <sarikaya2012@xxxxxxxxx> wrote: >> As you all know, Facebook can not be reached since quite some time today. >> I heard that it is a DNS A and AAAA records problem. >> >> I am not sure if this list is the right one to discuss or is there another >> one? > > NANOG is probably the list where people were discussing this, as it > was caused by a botched BGP update, which is right in NANOG's alley. > -- Cos Right, but there are a couple of points of interest for the IETF, I think. I can't deduce from the NANOG thread whether the BGP4 mistake removed both IPv4 and IPv6 routes, but I did notice that their *authoritative* DNS servers are IPv4-only. (https://twitter.com/g_bonfiglio/status/1445056923309649926?s=20) Is that good practice? And then "Someone on the Facebook recovery effort has explained that a routine BGP update went wrong, which in turn locked out those with remote access who could reverse the mistake. Those who do have physical access do not have authorization on the servers. Catch-22." (https://twitter.com/SGgrc/status/1445116435731296256) Thay makes a *very* strong case for what ANIMA has designed - an autonomic control plane that is absolutely independent of the normal data plane. Brian
