RE: L3: Google from DC via the Netherlands?

[Peter Beckman <beckman () angryox com>]

 After a few emails traded with David Ulevitch from OpenDNS, it is clear to
 me that they do NOT suffer from this issue, and have a work-around.  My
 apologies to David and to OpenDNS for lumping them in and not doing better
 due dilligence when researching this issue.

On Sat, 7 Feb 2009, TJ wrote:

> IMHO, off the top of my head, on a weekend where I haven't had enough coffee
> yet:
>
>     3. Anycasted DNS Providers? Not sure how they could fix it, other than
>        flag certain domains as special, and do something special for them,
>        but man that smells like a hack.
>
> Anycast is a good thing, but when geo-location style concerns are factored
> in maybe they should have region-based anycast addresses.

 Anycast is extremely useful for fault tolerance, agreed.  But what I
 personally didn't consider, and I don't think other people consider, when
 they chose to use an alternative DNS caching resolution providers is what
 might break or not operate as expected.

 Having traded a few private emails from people smarter than I at Google
 and OpenDNS, I understand the issue much better than when I first posted.
 Thank you to you both.

 Here's a theoretical solution to this problem that I'd like to open for
 discussion.

    In each location where a provider hosts their anycasted service, there
    is likely a local, non-anycasted IP address for each server.  When
    receiving a DNS request that is not in the local cache, or has expired,
    make the new request on that local IP address interface, rather than on
    the anycasted IP address interface.  In those cases, GSLB records would
    likely return a more accurate set of results for clients making DNS
    requests of it, and when those records were requested from the
    anycasted DNS resolving service, the cached records would more likely
    be closer from a network standpoint to the actual service.

 Obviously there are some issues:
    * need to patch BIND or PowerDNS to use a different interface for
      making new requests
    * possibility of the responding anycasted DNS server being close to
      server farm A, while being far away from DNS record requestor B

 I'm curious to find out if others on the list know what other companies
 are using GSLB, and what the actual impact of anycasted DNS caching
 nameservers has on GSLB records.  If enough people are using anycasted DNS
 resolution services, implementing a fix like this would reduce network
 traffic.  By how much, I don't know.

Beckman
---------------------------------------------------------------------------
Peter Beckman                                                  Internet Guy
beckman () angryox com                                 http://www.angryox.com/
---------------------------------------------------------------------------