[dns-operations] Who Ignores TTLs ?

Patrick W. Gilmore patrick at ianai.net
Sat Feb 19 15:20:11 UTC 2011

On Feb 18, 2011, at 6:35 PM, Paul Vixie wrote:

>> Date: Fri, 18 Feb 2011 17:43:16 -0500
>> From: Joseph S D Yao <jsdy at tux.org>
>> On Wed, Feb 16, 2011 at 09:25:08PM -0500, Patrick W. Gilmore wrote:
>> ...
>>> Or, to turn the question on its head, if GSLB through DNS didn't
>>> work, most of the traffic on the Internet would be misdirected.
> that rather begs the definition of "misdirected".

Actually, it does not.  When you request content from a server, the choice of which server serves that content is not yours.  You must _ask_ to resolve the hostname.  Contacting any IP address other than the one the owner of that hostname wants you to contact is, by definition, misdirection.

>>> So those who say it does not work are confused - they're using it
>>> every day. 
> we're getting redirected every day, that's true.  whether it helps
> enough to justify what people have to pay (in non-cash) and decide to
> pay (in cash) is what would help define "misdirected" in this context.
>> Just googled GSLB.  The top two responses [in order] were:
>> - Why DNS Based Global Server Load Balancing (GSLB) Doesn't Work
>> - How GSLB Works » Netscaler - Citrix Community
>> Granted that the first was old and crusty, but this is probably why
>> there are still disagreements out there.

That's kinda sad, since empirically GSLB clearly works.  Oh no!  Someone is /wrong/ on the Internet.[*]

> if akamai makes it opt-in i'll try using all of their clients without
> any stupid dns tricks involved, and i promise to report my results.

Paul, I am not certain at all why you keep fixating on Akamai.  Every CDN returns heterogeneous answers - including the one for whom you worked.  Most large sites which are not on CDNs also return heterogeneous A records.  Just checking the three largest sites I know off the top of my head (www.facebook.com, www.google.com, www.yahoo.com), all three return different A records depending on which source IP address requests the hostname.  And none of those use Akamai (for their www hostname, at least not from where I tried it).

You seem to want to put the genie back in the bottle.  Given that far more traffic is directed via heterogeneous A records than not, I submit it is too late.  Moreover, the genie won't fit!  If you could wave a magic wand and make all A records homogeneous, the consequences to the Internet would be disastrous.

Which, by the way, belies your 'cost' argument.  Ask any ISP that has Akamai boxes, or peers with Akamai.  There are thousands of such ISPs, you should be able to find one easily.  The cost of dealing with heterogeneous A records is many orders of magnitude less than the cost of fiber, DWDM, router ports, etc. needed to not have them.  ISPs do not complain about having Akamai boxes, just the opposite.

And finally, you have done a lot of good work on the Internet w/r/t spam.  During that work, you became intimately familiar with the ideas of "permission" and "opt-in".  Therefore, you know damned well that Akamai (and all other CDNs, large websites, and anyone else who publishes heterogeneous A records) is 100% opt-in.  It is beneath you to imply otherwise.  Put another way, if you don't like how our customers serve their traffic (or Google, or Yahoo!, or Facebook, or Limelight, or Level 3, or China Cache, or AT&T, or Tata, or ...), don't use those web pages.

Let me know when you "report" how your Internet experience is using only homogeneous hostnames.


[*] <http://xkcd.com/386/> =)
