Someone has suggested 'anycasting' what do people (particually you
Paul) think of using anycasting for a DNSbl? (- AS112 anyone?)

unowned anycast, such as that used in as112, is only possible when the
replies have no value (and thus need not be synchronized or centrally

conversely, unowned anycast only adds value if the replies really ought
to be sent anonymously. in the case of sorbs, you can enumerate
authorized servers and thus get better management and control than you
would with unowned anycast.

now, that doesn't mean anycast per se is a bad idea for sorbs. it's
just that you'd want to own or at least "manage and control" each
instance. this is what we do for f-root and it's what ultradns and
nominum and i think akamai have been doing for some years now.

I think it may work well... however I am a novice in terms of BGP...
As far as I can tell it involves getting a portable address block
(somone suggested anything less than a /24 would get filtered) and
announcing it in various locations around the Net with local servers
behind each of those announcements.... is this fundamentally correct?

yes. see for some background materials on all this.

Assuming I am right in my current understanding, I am about to start
looking at the proceedure to get an ASN and then I'll be looking for
some portable IP space if the consensus and thoughts are this will
work. I am thinking along the lines of talking with the other large
DNSbls (particually Easynet (wirehub) and DSBL) about setting up a set
of combined DNSbl servers all anycast'd. This after all will bring an
DDoS machines to the attention of the local networks they are
attacking .... :wink:

putting multiple dnsbl's on the same /24 sounds like a lot of eggs for
only one basket. among the root server operators, we like to chant that
"diversity is good".