North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Content Delivery Networks

  • From: Paul Reubens
  • Date: Fri Aug 10 01:59:26 2007
  • Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=ZXTNf2j850djCxvMtgzvbADguvdWRReK1wzuKoIBO/9c2Ja0RPfa09W7XyamB72noMhBpEbMayBfCoqrx55zwXCVQtO/HUVFJW0OkTDdvCmiVrGYIXvv8QpfGmU00+bmczWpTkZOPlUJSO/nbyoKsr076M5XQf9L1DnL/8rXOnU=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=Eb+RZiFiLKUHbOyesiAqViXiuw3ckW/XSDB8mC5ZuSAF3ObLrP2QeZ3lNg/63VejlgNjAJuyWhSGa+nl53Zr2v2nDPaCOJ6Vmwy8dkTHRGEa9+eWZUdm7NqUzpOO/n4xKSZtRh8t55576cdusWIPX7YCAS9Bk4e4yEgmUzSmkGc=

How do you engineer around enterprise and ISP recursors that don't honor TTL, instead caching DNS records for a week or more?


On 8/7/07, Patrick W.Gilmore <[email protected]> wrote:

On Aug 7, 2007, at 10:05 AM, Michal Krsek wrote:

>>> 5) User redirection
>>> - You have to implement a scalable mechanisms that redirects
>>> users  to the closes POP. You can use application redirect (fast,
>>> but not  so much scalable), DNS redirect (scalable, but not so
>>> fast) or  anycasting (this needs cooperation with ISP).
>>
>> What is slow about handing back different answers to the same
>> query  via DNS, especially when they are pre-calculated?  Seems
>> very fast to  me.
>
> Yes DNS-based redirection scales very pretty.
>
> But there are two problems:
> 1) Client may not be in same network as DNS server (I'm using my
> home DNS server even if I'm at IETF or I2 meeting on other side of
> globe)

This has been discussed.  Operational experience posted here by Owen
shows < 10% of users are "far" from their recursive NS.

You are the tiny minority.  (Don't feel bad, so am I. :)  Most
"users" either use the NS handed out by their local DHCP server, or
they are VPN'ing anyway.


> 2) DNS TTL makes realtime traffic management inpossible. Remember
> you may not distribute network traffic, but sometimes also server
> load. If one server/POP fails or is overloaded, you need to
> redirect users to another one in realtime.

Define "real time"?  To do it in 1 second or less is nigh
impossible.  But I challenge you to fail anything over in 1 second
when IP communication with end users not on your LAN is involved.

I've seen TTLs as low as 20s, giving you a mean fail-over time of 10
seconds.  That's more than fast enough for most applications these days.

--
TTFN,
patrick