[dns-operations] opting in to stupid DNS tricks
Martin Barry
marty at supine.com
Mon Feb 21 13:56:13 UTC 2011
$quoted_author = "Jim Reid" ;
>
> Which is of course stupid because the IP address making the lookup
> is almost certainly not the IP address of the end client. So they're
> "optimising" for some recursive resolver rather than the end user's
> stub resolver that made the initial query.
This inherent deficiency is understood but the address of the recursive
resolver is "good enough" "most of the time".
> I wonder what these DNS tricksters are going to do if/when these
> zones deploy Secure DNS.
Sign the responses just like they would for homogeneous responses.
> BTW, I still don't understand why CDNs are abusing the DNS to solve
> something that is actually a routing problem. What's wrong with
> anycasting the IP address(es) of the web site or whatever? That way,
> the network figures out the truly optimal path (peering policies
> aside) between the end client and the content provider's server.
> Yes, I realise this may break TCP connections sometimes, but how
> much of a real problem is this? Has anyone got hard data about this?
http://www.nanog.org/mtg-0606/pdf/tcp-anycast.pdf
> FWIW it's also very annoying (and stupid) to be presented with
> content which the CDN thinks is relevant for the country where it
> believes the resolving name server I've used is located rather than
> for the country actually I'm in or the language(s) I understand. We
> can agree to disagree about that.
This problem is not unique to sites using heterogeneous DNS responses.
If you want to complain about sites not making best use of the
Accept-Language header, you can join the queue behind me over there -->
cheers
Marty
More information about the dns-operations
mailing list