How CDNs and Alternative DNS Services Combine For Higher Latency 187
The_PHP_Jedi writes "Alternative DNS services, such as OpenDNS and Google Public DNS, are used to bypass the sluggishness often associated with local ISP DNS servers. However, as more websites, particularly smaller ones, use content distribution networks via embedded ads, widgets, and other assets, the effectiveness of non-ISP DNS servers may be undermined. Why? Because CDNs rely on the location of a user's DNS server to determine the closest server with the hosted content. Sajal Kayan published a series of test results which demonstrates the difference, and also provided the Python script used so you can test which is the most effective DNS service for your own Internet connection."
Poor application design (Score:3, Insightful)
Do you even know what a CDN is? (Score:2, Insightful)
Yeah, go ahead and block them. Try it. Do you know what happens? Most of the web sites you use just won't fucking work. This is especially true with so many web sites these days serving up their images, JavaScript scripts and stylesheets via a CDN.
We've discussed this before (Score:1, Insightful)
Previous Discussion [slashdot.org]
DNS is not and should not be a good indicator of client location. The proper solution for routing to a closer server is IP anycast.
Most CDNs don't do this.. (Score:4, Insightful)
While some shoddy CDN companies may reroute you at the DNS level, many are actually smarter about it. Smart systems will redirect you to a 'closer' system via a different URL for media files, or utilize anycast BGP routing so that you always take the shortest path to one of their nodes.
As for 'who serves stuff on CDNs that I want to see anyway' -- everyone. From porn sites to Google to Youtube, they're all one type or another of CDN.
Uptime (Score:3, Insightful)
Considering TWC can't keep their DNS servers up reliably using them is not even an option.
Re:Is this a problem? (Score:3, Insightful)
Ok, saving network capacity I can buy as a benefit. I'm not sure that latency - the focus of TFS - is a real issue when downloading software updates, though.
Re:Leave Canada Alone (Score:4, Insightful)
For one, because they're deliberately abusing the Open moniker. They also do not provide an ad-free DNS service, unlike for example Google's DNS server. Furthermore, they redirect www.google.com through OpenDNS servers. Last but not least, to change the configuration (e.g. the Google redirection or the NXDOMAIN highjacking), you have to get an account and always log in. For DNS. Are you kidding me?
Re:Leave Canada Alone (Score:5, Insightful)
I don't give a shit if you use OpenDNS or not. If you like their censorship features then that is great, use what works for you.
What I do give a shit about is people recommending OpenDNS as a good alternative for ISP DNS servers in discussions about NXDOMAIN fuckery. They are about the absolute last alternative DNS provider you should choose if NXDOMAIN is important to you. Just about any of the dozens of other free DNS servers doesn't require you to do retarded shit like use DynamDNS just to get standards compliant DNS results, recommending OpenDNS is irresponsible at best.
Seriously, just because they have "Open" in their name, doesn't mean they are good.
Re:Leave Canada Alone (Score:4, Insightful)
OR just use a REAL DNS server and don't worry about that shit. Why is this such a hard concept?
edns-client-subnet (Score:1, Insightful)
http://tools.ietf.org/html/draft-vandergaast-edns-client-ip-01 [ietf.org]
Problem solved.
Re:This is not accurate (Score:3, Insightful)
Well the critics argue that the Internet != The WWW. Which is true. If you are sending email, the destination SMTP server, and it's corresponding authoritative DNS server would never normally see the client's original IP. The fact that TONS of benefits exist from routing and performance to anti-spam measures would benefit from this, we're creating a vector of privacy leakage that possibly didn't previously exist in all scenarios.
None of this considers the fact that very few DNS operators would actually even implement this standard. Just big 3rd party resolvers like us and Google and big CDNs and eye-ball sites.
Re:This is not accurate (Score:5, Insightful)
>. Unfortunately the old guard of DNS (Vixie, et al) are not supporting it because they fear it raises insurmountable privacy concerns.
Old guard? You'll find end users are also very much concerned with privacy. Rewriting the DNS spec solely for CDNs is ridiculous. Want location services in web broswer? Add it to http. Let the browser makers figure out the implemention.
Not to mention, there's nothing open about your service. Its simply free. There's nothing open source about it and you openly violate the DNS spec with your typo domain crap. Sorry, the internet doesnt need "open" dns to ruin dns. You've done enough already. Thankfully, google offers free dns at 8.8.8.8.
Re:Leave Canada Alone (Score:1, Insightful)
No, you can't. Chatroulette for example can be accessed through its IP address alone, which any number of DNS lookup web tools will give you. Unless your kids are idiots, if they want it, your DNS games won't stop them.