Slashdot Mirror


How CDNs and Alternative DNS Services Combine For Higher Latency

The_PHP_Jedi writes "Alternative DNS services, such as OpenDNS and Google Public DNS, are used to bypass the sluggishness often associated with local ISP DNS servers. However, as more websites, particularly smaller ones, use content distribution networks via embedded ads, widgets, and other assets, the effectiveness of non-ISP DNS servers may be undermined. Why? Because CDNs rely on the location of a user's DNS server to determine the closest server with the hosted content. Sajal Kayan published a series of test results which demonstrates the difference, and also provided the Python script used so you can test which is the most effective DNS service for your own Internet connection."
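A small model of the resolver-based mapping the summary describes, as an added example that is not from the article or from Sajal Kayan's script: the CDN's DNS picks the edge nearest to whichever address it sees in the query. All prefixes, coordinates and edge names are constructed, and the optional client-subnet hint (including the /24 length) is an assumption modelled on the proposal discussed in the comments.

```python
import ipaddress
from math import asin, cos, radians, sin, sqrt

# Constructed data: documentation prefixes and rough city coordinates.
GEO = {  # prefix -> (lat, lon), standing in for the CDN's geolocation database
    ipaddress.ip_network("192.0.2.0/24"): (13.75, 100.50),      # client and ISP resolver
    ipaddress.ip_network("198.51.100.0/24"): (37.77, -122.42),  # distant public resolver
}
EDGES = {"edge-sin": (1.35, 103.82), "edge-sjc": (37.34, -121.89), "edge-fra": (50.11, 8.68)}

def locate(addr):
    """Return (lat, lon) for an address, or raise if the database has no entry."""
    ip = ipaddress.ip_address(addr)
    for net, coords in GEO.items():
        if ip in net:
            return coords
    raise LookupError(f"no geolocation for {addr}")

def km(a, b):
    """Great-circle distance in km between two (lat, lon) pairs (haversine)."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))

def pick_edge(resolver_ip, client_subnet=None):
    """Edge the CDN returns: nearest to the hinted subnet, else nearest to the resolver."""
    seen = resolver_ip
    if client_subnet is not None:
        net = ipaddress.ip_network(client_subnet)
        if net.prefixlen > 0:  # 0.0.0.0/0 carries no location, so fall back to the resolver
            seen = str(net.network_address)
    origin = locate(seen)
    return min(EDGES, key=lambda name: km(origin, EDGES[name]))

def compare(client_ip, scenarios):
    """Map scenario name -> (edge, km from the real client to that edge)."""
    here = locate(client_ip)
    return {name: (edge := pick_edge(resolver, hint), round(km(here, EDGES[edge])))
            for name, (resolver, hint) in scenarios.items()}

SCENARIOS = {  # name -> (resolver address, client-subnet hint or None)
    "ISP resolver": ("192.0.2.53", None),
    "public resolver": ("198.51.100.53", None),
    "public resolver + /24 hint": ("198.51.100.53", "192.0.2.0/24"),
    "public resolver + 0.0.0.0/0": ("198.51.100.53", "0.0.0.0/0"),
}

if __name__ == "__main__":
    for name, (edge, dist) in compare("192.0.2.10", SCENARIOS).items():
        print(f"{name:30} -> {edge} ({dist} km from client)")
```

The client never moves in this model; only the address visible to the CDN changes, which is why the choice of resolver decides which edge the client is sent to.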

14 of 187 comments

  1. Re:Do you even know what a CDN is? by betterunixthanunix · · Score: 2, Interesting
    1. The Web is not the be-all and end-all of the Internet
    2. Browsing without autoloading images is not nearly as bad as you make it out to be
    3. Most of what I go on the web for is news (where the text is usually more important) and journal articles (which are distributed as PDFs)

    As a case in point, Slashdot is perfectly fine without images or Javascript (as long as you request Javascript-free pages, which are readily delivered).

    --
    Palm trees and 8
  2. Re:Is this a problem? by michael_cain · · Score: 4, Interesting

    Seven or so years ago, before I retired from one of the large cable companies, CDNs were hosting the relatively static parts for a surprisingly large number of broadly popular sites. I had an opportunity to see the list when we were approached by the then-largest CDN, who wanted to place servers in many of our head-end locations for the obvious performance benefit. I was the one who pointed out that all of our internal DNS requests were routed to one of two data centers, one on the East Coast and one on the West, creating exactly the situation described in the OP: the CDN would have no idea where the original request came from, so would be unable to direct the end user to the appropriate server.

    I was one of the few engineers who argued for less centralization in our network. I wanted broader distribution for reliability purposes: at that time, the massive centralized mail servers had a tendency to fail at the drop of a hat. But it would also have given us the ability to work with companies like the CDNs in order to provide better service.

  3. Re:Is this a problem? by Professor_UNIX · · Score: 4, Interesting

    This is exactly the problem. Most people have probably not heard about a little company called Akamai, but chances are if you're downloading content from a large site, you're using Akamai's content delivery network. Go view a trailer on Apple's site for instance and you'll see the host is actually served off edgesuite.net (which is Akamai). They use a distributed system of caching mirror servers to serve up content to a server closest to you geographically.

    The one reason I use an open DNS server instead of my cable provider's (Cox Cable) servers is because they have an Akamai server for Cox and it was horribly overloaded. I was getting 512 Kbps anytime I was trying to download something from Apple. I switched my DNS to a combination of Level3's and Cisco's open DNS servers and I started hitting another Akamai server outside Cox and started getting 15 Mbps. It was night and day going from barely being able to watch a standard definition movie trailer on Apple's site while it buffered buffered, played, buffered, play buffered, etc. to being able to watch a 1080p HDTV stream with the buffer way ahead of my realtime viewing.

  4. Re:Is this a problem? by betterunixthanunix · · Score: 3, Interesting

    As opposed to using the client IP address?

    --
    Palm trees and 8
  5. Re:This is not accurate by funfail · · Score: 2, Interesting

    Hi David. Isn't it possible for you to just cooperate with Akamai and resolve according to the client location based on IP address?

  6. Re:Poor application design by Zerth · · Score: 2, Interesting

    Like you couldn't redirect on GET instead of serving up the app?

  7. Re:This is not accurate by Anonymous Coward · · Score: 2, Interesting

    Awesome! Thank you for your reply. BUT wouldn't giving the client IP away in the DNS request reduce privacy?

  8. Re:Poor application design by Trepidity · · Score: 2, Interesting

    There are various tricks you can do to decide later, if you have significant content other than the raw HTML page itself, though they do require some server processing. The initial HTML request will be based on DNS, but once the user's hit your servers, you have their IP, so you can rewrite the URLs of embedded content / AJAX requests / whatever, so that they hit a geographically nearby server.

  9. Re:You're a man after my own heart! apk by LordLimecat · · Score: 2, Interesting

    Neither infected PDFs nor Java rely on javascript. An ad in a DIV will infect you just fine.

  10. Re:This is not accurate by davidu · · Score: 2, Interesting

    That's the argument opponents make. I don't buy it for a variety of reasons. Hard to write it on my iPhone but will blog about it soon.

    --
    Hack the planet, it's important.
  11. Re:This is not accurate by BitZtream · · Score: 2, Interesting

    If anyone would like to see this for themselves on any servers they use, check out namebench

    http://code.google.com/p/namebench/

    Tests to figure out which DNS servers you should use from a speed perspective mostly, but does all sorts of neat checks for DNS hijacking like OpenDNS does.

    It's bad enough to do NXDOMAIN hijacking, but flat out stealing Google traffic and running it through their own servers is just bullshit.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  12. Re:This is not accurate by davidu · · Score: 2, Interesting

    You have summarized the privacy concern well. That's exactly the issue. The fear that is held is that implementations won't respect someone who includes 0.0.0.0/0 and instead will replace it with the actual client's source_addr when forwarding a request along. Think hotel, cafe, wifi hotspot vendors, etc... Those folks tend to implement for ease, not privacy. And sometimes they opt against privacy.

    The critics of the proposal think that there is no assurance of privacy, and they feel that's a reason to not move forward. In my world, there are much better ways to violate real privacy than to see a client IP address in a DNS request, but maybe I'm less sensitive about it. I think it's certainly worthy of discussion and attempting to find a solution.

    --
    Hack the planet, it's important.
  13. Re:This is not accurate by sajalkayan · · Score: 2, Interesting

    I'm the author of the blog post and am inclined to reply. David, I don't mean any disrespect to OpenDNS. It is an awesome service and I too myself use it when nothing else works. I don't have anything against OpenDNS. If you for some strange reason want to discredit data from EC2 instances, please see the data from Thai and the Swedish ISP. Both are personal internet connections of people residing in the respective countries from their homes. Now that you have really discredited me, I have to work harder to get data from someone's home connection in the US and UK (apparently you don't recognize data from other locations). Thanks, Sajal

  14. Re:Leave Canada Alone by lonecrow · · Score: 2, Interesting

    But I use OpenDNS to keep the kids away from Chat Roulette, Goatse.cx and other emotionally scarring sites. If Google DNS offered that I would switch.