North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Content Delivery Networks
- From: Paul Reubens
- Date: Fri Aug 10 01:59:26 2007
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=ZXTNf2j850djCxvMtgzvbADguvdWRReK1wzuKoIBO/9c2Ja0RPfa09W7XyamB72noMhBpEbMayBfCoqrx55zwXCVQtO/HUVFJW0OkTDdvCmiVrGYIXvv8QpfGmU00+bmczWpTkZOPlUJSO/nbyoKsr076M5XQf9L1DnL/8rXOnU=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=Eb+RZiFiLKUHbOyesiAqViXiuw3ckW/XSDB8mC5ZuSAF3ObLrP2QeZ3lNg/63VejlgNjAJuyWhSGa+nl53Zr2v2nDPaCOJ6Vmwy8dkTHRGEa9+eWZUdm7NqUzpOO/n4xKSZtRh8t55576cdusWIPX7YCAS9Bk4e4yEgmUzSmkGc=
How do you engineer around enterprise and ISP recursors that don't honor TTL, instead caching DNS records for a week or more?
On 8/7/07, Patrick W.Gilmore
<[email protected]> wrote: On Aug 7, 2007, at 10:05 AM, Michal Krsek wrote:
>>> 5) User redirection >>> - You have to implement a scalable mechanisms that redirects >>> users to the closes POP. You can use application redirect (fast, >>> but not so much scalable), DNS redirect (scalable, but not so
>>> fast) or anycasting (this needs cooperation with ISP). >> >> What is slow about handing back different answers to the same >> query via DNS, especially when they are pre-calculated? Seems
>> very fast to me. > > Yes DNS-based redirection scales very pretty. > > But there are two problems: > 1) Client may not be in same network as DNS server (I'm using my > home DNS server even if I'm at IETF or I2 meeting on other side of
> globe)
This has been discussed. Operational experience posted here by Owen shows < 10% of users are "far" from their recursive NS.
You are the tiny minority. (Don't feel bad, so am I. :) Most
"users" either use the NS handed out by their local DHCP server, or they are VPN'ing anyway.
> 2) DNS TTL makes realtime traffic management inpossible. Remember > you may not distribute network traffic, but sometimes also server
> load. If one server/POP fails or is overloaded, you need to > redirect users to another one in realtime.
Define "real time"? To do it in 1 second or less is nigh impossible. But I challenge you to fail anything over in 1 second
when IP communication with end users not on your LAN is involved.
I've seen TTLs as low as 20s, giving you a mean fail-over time of 10 seconds. That's more than fast enough for most applications these days.
-- TTFN, patrick
|