RE: large organization nameservers sending icmp packets to dns servers.

["Jason J. W. Williams" <williamsjj () digitar com>]

Hi Guys,

All things being equal (which they're usually not) you could use the ACK
response time of the TCP handshake if they've got TCP DNS resolution
available. Though again most don't for security reasons...

-J

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Valdis.Kletnieks () vt edu
Sent: Monday, August 06, 2007 11:35 AM
To: John Levine
Cc: nanog () nanog org
Subject: Re: large organization nameservers sending icmp packets to dns
servers.

On Mon, 06 Aug 2007 17:21:49 -0000, John Levine said:
> > > Sounds like one of the global-scale load balancers - when you do a
> > > (presumably) recursive DNS lookup of one of their hosts, they'll 
> > > ping the nameserver from several locations and see which one gets 
> > > an answer the fastest.
>
> Why would they ping rather than just sending the query to all of the 
> NS and see which one answers first?  It's an IP round trip either way.

If you have sites in San Fran, London, and Tokyo, and you launch a ping
from all 3 and see which one gets there first, you'll *know* the RTT
from each site.

If you just send DNS replies from all 3, you don't have a good way of
telling which one got to the destination first.

Your method works if *I* want to know which one of the 3 sites is
closest (assuming I can identify an DNS server at the 3 sites).  The
problem of the owner of the 3 sites trying to identify which one I'm
closest to isn't symmetric to it.