Beware of Using Google Or OpenDNS For iTunes
Relayman writes "Joe Mailer wanted to download an iTunes movie recently and his Apple TV told him it would take two hours. When he switched his DNS resolver settings, the download time dropped to less than 20 seconds. Apparently, iTunes content is served by Akamai which uses geolocation based on the IP address of the DNS request to determine which server should provide his content. When you use Google or OpenDNS to resolve the Apple domain name, all the requests to Akamai appear to be coming from the same location and they're all directed to the same server pool, overloading that pool and causing the slow downloads. The solution: be wary of using Google or OpenDNS when downloading iTunes files or similar large files. Use your own ISP's DNS servers instead or run your own resolving DNS server."
But I just tested this on my own by using a different source that uses Akamai: Adobe.
So I picked a file at this URL: http://ardownload.adobe.com/pub/adobe/reader/unix/9.x/9.4.0/enu/AdbeRdr9.4-1_i486linux_enu.bin
Sure enough, the initial server directed me to 72.215.224.16 with this partial tracert:
Firefox told me this would take 3 Minutes and 35 Seconds.
Then, I set my DNS to the 8.8.8.8 and 8.8.4.4 addresses and tried it again. This time I was sent to 72.246.30.19 with this partial tracert:
Surprisingly, this second server that I was directed to using Google DNS only took 10 seconds to download the same file. I did it a second time and it took 30 seconds.
Now after restoring my default DNS resolution that URL continually directs me to 72.215.224.40 and the download is as speedy as the Google DNS. If I switch back to Google DNS it now continually directs me to 72.246.30.32 so you can see that there's some load balancing going on here that apparently can be divvied up by geographic location for some of their customers. Apparently Apple needs to investigate the same solution that Adobe is using from Akamai. Which doesn't consider everything from Google DNS being fulfilled from a west coast replication server?
My work here is dung.
This is a very widespread practice now. Use your own ISP for DNS.
yes
There's some good technical discussion in the Hacker News discussion of this issue.
iTunes is great on the Mac.
This afternoon, I found a tool from Google Code called namebench which tests response times against multiple DNS servers and gives recommendations based upon a number of query types. The results returned when checking the 'censorship tests' were interesting. Seems a number of sites (wikileaks, isohunt, stormfront) returned 'incorrect' results across DNS servers. I'm going to try this over the next couple of days and see if any of my browsing speeds improve.
Why do they use the dns for the geo location and not the ip address itself? You would think that would make way more sense.
https://www.speakservers.com/
Very criminal when you consider that you do NOT need to install iTunes just to install quicktime.
I have to ask why they are playing games with DNS rather than using some kind of LB solution to direct users to the closest server(s) based on the client IP address. Is this not feasible or is it cost prohibitive? The method they're using seems crazy to me, though I fully admit to not being up to speed on high level networking design.
It wouldn't...?
They aren't doing network shaping through packet analysis, they are using DNS to determine which server is geographically closest to you, which (usually) causes better network speeds.
If some of the server pools are being overloaded while others are sitting relatively load free, source location is obviously not the best choice for load balancing. Sure, it may work most of the time but I'm sure ISPs' DNS server locations are not equally spaced around either. I am in VA and the Comcast DNS addresses I have are in NJ. I guess that is not too bad but how many people from Comcast are using those same DNS addresses?
Really? You mean on the Mac it isn't required to set up an IPhone or IPad that have no business relying on a desktop machine? You mean it isn't required I sync with it just to get Podcasts onto a device that already has internet connectivity? You mean on Mac it doesn't have a proprietary, signed procedure for syncing music to IPhone/IPod Touch/IPad, that makes it completely impossible to develop competing software without breaking the DMCA?
Sure, the "ITunes experience" doesn't suck as hard on the Mac as it does on other platforms, but it still sucks. As GP says it's malware, only I would elaborate and say it's malware that's malicious to an entire industry.
Such a basic operation, and still not working as intended? Something is terribly wrong here if you ask me...
It must be Apple's "magic" that's causing the trouble.
If Pandora's box is destined to be opened, *I* want to be the one to open it.
I've used our university's DNS servers as primary for over a decade, with whatever my current ISP is as secondary. I haven't had any complaints.
#DeleteChrome
Doesn't Apple still watermark all their content anyway? Seems like you should be buying it from somewhere else for both reasons.
If only ignorance is criminal too.
Maybe at one time, iTunes was the only way to get Quicktime, but if that's true, that was years ago.
http://www.apple.com/quicktime/download/
I think you'd find some people saying QuickTime is criminal too, but I think that's a different discussion.
That's true. However they do require you to install quicktime in order to get the codecs, unless I'm missing something. And for whatever reason Apple insists on not using any native widgets. Which means that not only are you installing crapware, but it also looks ugly on top of that.
It wouldn't and really shouldn't. CDNs are there to ensure that the least amount of infrastructure is used for each request. Meaning that they try to put the server as close to your physical location as possible. If anything, net neutrality would encourage this as it would be easier to have a CDN covering both Qwest and Comcast in a given region or whatever the options are in your area.
I use to set up my own DNS at home and casually use forward zones when needed. I started this when there was that issue with redirecting nonexistent names.
Sure, not everyone should do this, as it stress-loads root servers and some ISPs may redirect UDP/TCP 53 to their own servers. BTW, that's still my way of using DNS.
Léa Gris
"As GP says it's malware, only I would elaborate and say it's malware that's malicious to an entire industry." - it might not be the most optimized piece of software on earth but to call it malware just exposes you as someone who has hopped on the anti-Apple bandwagon because it's trendy.
This isn't Apple's fault. It's also not Akamai's fault. They're trying to provide the best user experience by directing a client to the "closest" server. This is accomplished by the global load balancer answering DNS queries with the IP address of a server that's close to the source. But, because of how DNS works, the only information they have to work with is the IP address of the client's DNS server ... not the actual client's IP address. So, if you use a DNS server that's clear across the country from you (or worse yet, one on a different continent!), you're likely to get directed to a server you don't really want to use.
What the fuck are you smoking? The discussion is about being forced to install itunes in order to install quicktime, not the other way around.
Microsoft does this too. After scratching my head over the past several weeks trying to figure out why I can't download M$ files worth crap half the time, this appears to be why.
yEA But Apple still sucks I mean come on, it's trendy for a reason. I like real Apples and the company Apple doesn't taste like a nice, fine, red delicious on a sunny afternoon, its sweet nectar dripping from my chin hairs and sliding its way down my chest to my erect nipples where it pools for a moment and then gravity finally exerts the full strength of its power, drawing the sweet juices farther down towards my waiting
Amazon's MP3 store.
You don't need to install iTunes to install QuickTime. Sadly, you do need QuickTime to install iTunes. Which is the lessor evil depends on your needs, but I'd be thrilled to have iTunes alone without QuickTime, Bonjour or the host of kernel mode crap it installs.
Give a man a fish, he'll eat for a day, but teach a man to phish...
So the moral of the story here is not that Google and OpenDNS services are bad, but that Apple's iTunes QoS methods are of "questionable quality" - at best.
How did this make Slashdot's frontpage, again? Maybe this should be filed as a bug report to Apple (do they read those?) instead.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Seems like it would be useful to use multiple DNS servers and then choose whichever one has the fastest download and abandon the other connections.
Do any browsers/OSs/whatever have this feature? As I understand it, the secondary DNS feature only uses the secondary server when the primary server is down.
This applies to tons of GEO-optimized services and has been this way since day one. Really, how is this news?
Which is the lessor evil depends on your needs,
Well, since neither Quicktime or iTunes is leased to you, I guess that means neither is a lessor evil.
... and then they built the supercollider.
Amazon's MP3 store.
Strange world you live in, to recommend an Amazon "We delete your property" solution as "superior"
Amen! It's buying content from iTunes like highly immoral, well maybe not so immoral as buying from Amazon or a CD store, but immoral none the less.
Fair enough.
Give a man a fish, he'll eat for a day, but teach a man to phish...
fwiw, you do not need to sync to get podcasts. you can get them directly on the iThing without using itunes. at least with the most recent ios.
Let me get this right, you've just figured this out? People have been using DNS and IP based location load balancing for years google, yahoo, facebook, limelight networks, akamai you name it is doing it ie. content delivery networks and ip aka location based load balancing\site selection. e. Getting the content closer to the end users, improving experience, tailoring experience based on location. I remember for quite awhile several years google's appliances though apnic netblock was taiwan based, eventually databases were updated with the correct country code being attached to the allocation directing content to the correct country based experience. Old news.
Quicktime has been around a lot longer than iTunes (but it was never less of a resource hog as far as I remember).
http://en.wikipedia.org/wiki/Quicktime#QuickTime_1.x
Amazon's MP3 store.
Strange world you live in, to recommend an Amazon "We delete your property" solution as "superior"
Ding Ding! We have a winner!
Pretty sure Apple is using all HTTP Live Streaming at this point, which in fact is all based on HTTP...
Also I have worked with a lot of applications that stream or play media now, and generally it's been done over HTTP - I'd say that's more the rule than the exception.
And if an HTTP client can't follow redirects it's not really an HTTP client - that's pretty basic stuff, I can't fathom there is anything that wouldn't obey a re-direct (unless it was doing so on purpose).
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The moral of the story would appear to be that more people on Slashdot need to read up on what CDNs are and who runs them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Six months ago, I was the owner of mini-Mac, iPad and an iPhone. Now, I no longer have the Mac, (back to windows and mostly Linux), have a Galaxy S Captivate, and the newest device is an eLocity A7 Android tablet. I will not say that there haven't been some bumps in the road, but I will say I'm happier overall.
Now, I would still recommend a Mac to some of my Family/Friends who don't like configuring their computers. In fact as one of the major techies in my family I encourage them all to adopt Macs, because then my life is a lot easier!
-My mistakes are just those, please accept my apologies. Tks
With a little effort, you can set up BIND on your own system.
Apple insists on not using any native widgets.
How are the widgets in QuickTime and iTunes not native? Are they written in Java bytecode or something? Are they PowerPC, and run under the equivalent of Rosetta?
Wow, had to stop and fap to your own fanfiction.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
...the tool from Geek Squad copies your music while your box is in the shop?
I realize this is Slashdot and your head probably just exploded at the thought of *you* going to Geek Squad - but there's a simple and glaringly obvious problem with watermarked media files:
They are, ultimately, completely useless in terms of actually determining wrongdoing.
The first suggestion is just no longer an option, for so many reasons, all of them based on lack of trustworthiness in this climate of corporate dominance and machination. I was using OpenDNS for several years, but recently I started using TreeWalk to host my own modest DNS server. Seems to work fine, and I don't even notice it's there.
Load balancing based on the DNS resolver is so 1999! Even when it works, it works by chance, and does not test the actual speed between your PC and the potential servers. Compare that to Bit Torrent, which actually tests the speed of the downloads. You really wonder why Apple, and Akamai, would not use some kind of torrent technology!
is iTunes?
One question: do you think there's more information in the IP address of the incoming HTTP GET request or in the IP address of the incoming DNS query?
While everyone is using a browser, very few are running a DNS server. Provided that it's properly configured.
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
There are dozens of free dns services. Akamai knows this problem. But for some reason, they don't take appropriate measures.
Their DNS can serve an IP based on the geo-location. If visitors are using a dns server that is known for hiding the actual location, I would suggest serving the IP of a redirect-only HTTP server. The client connects to this redirect-only HTTP server and the server returns a "301 Location:" header based on the client's actual IP/location.
This will make the initial connection for users of Google DNS/OpenDNS a little bit slower, but then allows the available bandwidth to be used optimally.
.sig: No such file or directory
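The resolver-based mapping discussed throughout this thread, and the redirect-only HTTP server proposed in the comment above, as an added simulation (not code from any poster, Akamai or Apple). The prefixes, pool names, resolver addresses and the `redirect.cdn.example` host are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed topology: RFC 5737 documentation prefixes stand in for real networks.
REGION_OF_PREFIX = {
    ipaddress.ip_network("192.0.2.0/24"): "east",
    ipaddress.ip_network("198.51.100.0/24"): "central",
    ipaddress.ip_network("203.0.113.0/24"): "west",
}
POOL_OF_REGION = {r: f"pool-{r}.cdn.example" for r in ("east", "central", "west")}
ISP_RESOLVER = {"east": "192.0.2.53", "central": "198.51.100.53", "west": "203.0.113.54"}
PUBLIC_RESOLVER = "203.0.113.53"      # hypothetical third-party resolver hosted in "west"
KNOWN_PUBLIC = {ipaddress.ip_address(PUBLIC_RESOLVER)}
REDIRECTOR = "redirect.cdn.example"   # hypothetical redirect-only HTTP host


def region_of(ip):
    """Geolocate an address against the constructed prefix table."""
    addr = ipaddress.ip_address(ip)
    for net, region in REGION_OF_PREFIX.items():
        if addr in net:
            return region
    raise LookupError(f"no region for {ip}")


def dns_answer(resolver_ip, use_redirector):
    """The CDN's authoritative DNS only sees the resolver's address, never the client's."""
    if use_redirector and ipaddress.ip_address(resolver_ip) in KNOWN_PUBLIC:
        return REDIRECTOR
    return POOL_OF_REGION[region_of(resolver_ip)]


def http_fetch(host, client_ip):
    """The redirector sees the client's own address on the HTTP connection
    and answers 301 with the pool for that address. Returns (pool, redirects)."""
    if host == REDIRECTOR:
        return POOL_OF_REGION[region_of(client_ip)], 1
    return host, 0


def simulate(clients, use_redirector=False):
    """clients is a list of (client_ip, resolver_ip) pairs."""
    load, redirects, misrouted = Counter(), 0, 0
    for client_ip, resolver_ip in clients:
        pool, hops = http_fetch(dns_answer(resolver_ip, use_redirector), client_ip)
        load[pool] += 1
        redirects += hops
        misrouted += pool != POOL_OF_REGION[region_of(client_ip)]
    return {"load": dict(load), "redirects": redirects, "misrouted": misrouted}


def make_clients(resolver_choice):
    """Three constructed clients per region; resolver_choice(region) picks their resolver."""
    clients = []
    for net, region in REGION_OF_PREFIX.items():
        for host in (10, 11, 12):
            clients.append((str(net.network_address + host), resolver_choice(region)))
    return clients


if __name__ == "__main__":
    via_isp = make_clients(lambda region: ISP_RESOLVER[region])
    via_public = make_clients(lambda region: PUBLIC_RESOLVER)
    print("ISP resolvers:          ", simulate(via_isp))
    print("public resolver:        ", simulate(via_public))
    print("public + 301 redirector:", simulate(via_public, use_redirector=True))
```

With every client behind the one public resolver, all nine requests land on the west pool; the redirect step restores the even split at the cost of one extra HTTP round trip per client.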
I'm surprised no one mentions the above free/public/fast DNS resolvers :-p
Changing DNS probably won't help your Video Streaming
this website http://ip-address-lookup-v4.com/lookup.php and this one http://ipxml.info/myip/?ip=213.251.189.203 are able to figure out my location correctly no matter what DNS server I use?
maybe time for akamai and company to change the way they figure out an ip address's geo location.
Amazon's MP3s are plain old MP3s which require no proprietary software that could delete your MP3s.
GRC DNS Benchmark
http://www.grc.com/dns/benchmark.htm
find the best DNS servers for YOUR location.
My W2003 router-PC runs a DNS server, which allows me to specify many DNS Forwarders to spread any potential privacy, performance, security risks.
(Next re-install already planned for Linux)
Btw, put potential spyware like OpenDNS and GoogleDNS where they belong, in PeerBlock or hosts file
People still use iTunes?
That's true. However they do require you to install quicktime in order to get the codecs, unless I'm missing something. And for whatever reason Apple insists on not using any native widgets. Which means that not only are you installing crapware, but it also looks ugly on top of that.
The widget thing is just stupid. Hell, last time I checked (a long time ago) Safari was doing its own text rendering on Windows. Bleah.
Of course, Firefox annoys me for the same reasons. Oddly enough, most /. users don't seem to include its GUI in their rants.
You're special forces then? That's great! I just love your olympics!
Yes, this "news" was exactly that informative.
Just in case you didn't realize, on Windows you *can* uninstall Bonjour. iTunes will happily re-install it every time you upgrade, but it's not necessary for it to stay installed.
I always use a local DNS recursor server so I point my DNS settings to 127.0.0.1. I can only see advantages privacy and performance-wise. The kind of problem described in this article seems to be another advantage to my approach over using an external DNS server, but at the same time I rarely see anybody recommending it. What are the disadvantages of using things like pdns-recursor?
Better solution - How about Akamai watches where the actual HTTP/FTP request comes from, rather than the DNS? That should get you closer to the client.
I'll start using my ISP's DNS servers as soon as they figure out how to properly configure/maintain/run them. Until then, OpenDNS and GoogleDNS it is.
"Work is the curse of the drinking classes." -Oscar Wilde
You missed the huge box notifying you that all your music would be deleted because the iPhone wasn't paired with that machine? You just clicked the continue button, labelled "restore iPhone" (the buttons are marked by task, not with "ok").
iTunes is very clear about when it will delete the music on your iDevice, and asks you clearly with a detailed warning when you attempt to sync an iPhone with a copy of iTunes that is not its "home" base.
If you missed that, then you just don't read warning boxes that require user action. iTunes will not delete your music without user authorisation.
A quick Google shows OpenDNS has been aware of issues with Geographic caching since at least 2008:
http://ideabank.opendns.com/story.php?title=exceptions_to_permit_geographic_caching_download_sites_to_work
Also, Apple claims to have resolved the issue for AppleTV in the US:
http://www.cultofmac.com/opendns-we-offer-fast-appletv-streaming-in-north-america-but-international-performance-is-akamais-fault/74342
MIL - Mother-In-Law
MILF - Mother I'd Like to F--k.
MILILF - ???
That's not how Google DNS or the other open DNS sites work with the Content Delivery Networks. Here's how the process really works:
http://www.zdnet.com/blog/networking/changing-dns-probably-won-8217t-help-your-video-streaming/467
The bottom line is that changing your DNS is unlikely to help with your video-streaming, and if it does, it's pretty much a matter of you lucked out.
Steven
You mean it isn't required I sync with it just to get Podcasts onto a device that already has internet connectivity?
I've never required a sync to download podcasts... heck I've done it from 3G.
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
I'm just amazed that a slashdot reader isn't savvy enough to back up their music to something more reliable than a mobile phone.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
When iTunes fails to download a song, because it is corrupted on your local Akamai server, you can switch to OpenDNS instead. It worked for me once.
Hardcode the domain/host name of the one that performs best for you right into your hosts file, thus:
72.215.224.16 ardownload.adobe.com
That way you don't even need to waste CPU cycles on DNS servers, period. It will resolve to the fastest one you find that way, via hardcoding that into your local HOSTS file!
APK
P.S.=> Sure you could use the other IP addy too, 72.246.30.19, but from your tracert? Looks like more "HOPS" to me as well as more ms travel time also... just an idea, you probably know about HOSTS but, I thought I'd throw it out there for you - better than eating up CPU cycles & RAM running a daemon/service in DNS servers, that you may NOT really need (the article suggests doing it, but this is a cheaper/faster work-around imo)... apk
This is why automatic detection of things like this should never be absolute. If you do geolocation, and it makes a big difference on download times, SHOW THE LOCATION you're assuming. Then, allow the user to select another location if the one your program has assumed is wrong.
Technically this is true, but I'm more annoyed by QuickTime's stream of vulnerabilities and the potential instability of having unneeded kernel mode drivers.
Constantly uninstalling something every time iTunes has an update isn't worth the hassle, nor is pulling apart the iTunes installer and beating it into installing just iTunes without Bonjour every time.
Bonjour is the one component that doesn't really annoy me, if only because it occasionally gets used (or at least some iPhone apps can use it to find a PC, and it's sometimes easier/lazier than entering IPs)
Give a man a fish, he'll eat for a day, but teach a man to phish...
Karma whoring alert: parent post is plagiarized wholesale from http://news.ycombinator.com/item?id=2051206.
I thought parent post was being inflammatory until I read the link it provided. The timestamps make it really obvious. Parent post is telling the truth, so why is it modded down? Truth hurts so bad you have to silence it? I thought this place liked free speech.
For the record, I loathe iTunes/Quicktime as well.
Me too, but iTunes is a requirement to use an iPhone (call me whatever names you want, but I have WM6, iOS, BlackBerry and Android here. My iPhone is the only one I actually carry and use)
QuickTime isn't nearly as obnoxious as it used to be. It does still steal a few file associations upon installation but once you tell VLC to take back what it supports, QuickTime is mostly a "install it and forget it exists".
Gone are the days where QuickTime would run in the tray and take up CPU and memory despite the fact that you'd never actually used it.
Still, I'd happily give up iTunes' lackluster media playback capabilities entirely if I could lose QuickTime in the exchange.
Give a man a fish, he'll eat for a day, but teach a man to phish...
My point was, I'm tired of the idiosyncrasies of the Mac world. Why do I have to use iTunes? Why do I have to jump through hoops to sync a damned mp3 player with a new computer? Why can't I sync it with more than one computer? I'm pretty sure there are work-arounds, however I thought Macs and Apple products were just supposed to work?
Seriously, I didn't really lose anything truly. Maybe a couple of songs. I do back up, in fact I have a backup server here at the house. I just didn't like syncing my phone all of the time. If Apple allowed wireless sync, perhaps then it would be more convenient. Of course I really was just annoyed at how my stuff behaved. In fact the last time I lost some songs, Apple reset the download flags and let me re-download them. I suppose I could chalk up the wretched, twisted policies to the Music Industry, who really want us to buy multiple digital copies of the same song to play on multiple devices.
In our recent study, which involves vantage points in more than 50 commercial ISPs and content requests for around 10,000 hosts, we observed that the location of DNS resolvers breaks the assumption made by CDNs about the vicinity of the end-user and its DNS resolver. Moreover, we observed that third-party DNS resolvers do not manage to redirect the users towards content available within the ISP, contrary to the local DNS ones. We do believe that this problem is not limited to iTunes but may affect the end-user experience when downloading CDNized content that is already a significant fraction of Internet traffic.
You can find more about our comparison of DNS resolvers in the Wild here: http://www.net.t-labs.tu-berlin.de/papers/AMSU-CDRW-10.pdf
You can find more about our study on the effect of third-party DNS resolvers in content delivery here: http://www.net.t-labs.tu-berlin.de/papers/PFASF-ICDUPADI-10.pdf
To better understand DNS and its performance, we would like to scale up the experiments and for this we are seeking your help. If you are willing to participate in this effort, please go to the following link: http://www.fg-inet.de/
Download the script that can be found in the download section of the website, and run it from an Internet connection provided by a commercial ISP, e.g., at home. The typical duration of the experiment is around six hours. All major operating systems are supported (Linux, Mac OS, Windows etc.). Once the experiment is done, please upload the traces on our website: http://www.fg-inet.de/upload.php
Our script performs DNS queries for a number of predefined hosts. This list is included in plain text in the download packages. The traces collected with our program do not interact with any of your browsing or download history or activity. The additional bandwidth consumption and CPU load due to the experiment are negligible.
The traces collected on this website will be kept confidential within the project and will not be distributed to any third party, nor shared with any third party. You also have the option to make them accessible to the research community if you wish so.
I just didn't like syncing my phone all of the time. If Apple allowed wireless sync, perhaps then it would be more convenient.
I agree, and I have to wonder why they don't allow this. The only thing that I can fathom is security, or maybe speed. Come to think of it, it is probably speed - even a 16GB iPhone would take something on the order of 4 hours to do a complete sync. That much use of the wireless radio would probably destroy the battery time :)
I suppose I could chalk up the wretched, twisted policies to the Music Industry, who really want us to buy multiple digital copies of the same song to play on multiple devices.
They're all in it together :)
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Why do I have to use iTunes? Why do I have to jump through hoops to sync a damned mp3 player with a new computer? Why can't I sync it with more than one computer? I'm pretty sure there are work-arounds, however I thought Macs and Apple products were just supposed to work?
That's the rub... there is a real engineering tradeoff between "choice" and "just works". Apple is not magic, but they are pretty good at making a limited set of choices do a respectable job for a large number of people. The tradeoff is that it gets frustrating when you stop drinking the kool-aid.
Windows is the other side... almost infinitely configurable and the ecosystem is damned cheap - but you pay for it by being the family IT guy. All that choice comes at the expense of complexity.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
Well, there is a third choice. Linux+Android. Not pretty at times, but boy does it work. Considering the alternatives........
I didn't mean to slight Linux - it is of course a choice, and it is even more complex and configurable than Windows.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
to use a car analogy:
Windows: Get a pretty good basic car, and start adding up the options, each of which will cost.
Mac: Get a really good car, but everything is pretty much standard. No Choices.
Linux: Here's a pile of parts, and a bunch of tools. Go ahead, make your own damn car.
The "solution" that I've settled on at the moment is to use a combination of systems. I have a dual-boot Windows/Linux homebuilt for the wifey and for that occasional program/file that you simply must run on Windows. I have an Apple laptop and desktop - the desktop mostly used as a server. I'm in the process of setting up a freebsd (well, FreeNAS) file server to replace the Apple desktop, which is now about 6 years old.
I'll probably wire SOMETHING up to the TV again, but it obviously won't be the FreeNAS box :)
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.