Re: Slashdot: Providers Ignoring DNS TTL?
I'd rather expect this sort of behavior with anycasted servers...
Where do you see any connection between anycast and ignoring DNS TTL? Or is this just part of your usual rant against anycast DNS service?

We use anycast for our caching (recursive) DNS servers. It works well for us, and we certainly intend to continue to use it. The actual DNS software used is Nominum CNS and BIND 9.3.1, both of which honor the DNS TTL.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no
On Wed, 20 Apr 2005 sthaug@nethelp.no wrote:
I'd rather expect this sort of behavior with anycasted servers...
Where do you see any connection between anycast and ignoring DNS TTL? Or is this just part of your usual rant against anycast DNS service?
The data he showed isn't necessarily "ignoring ttl". If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I explained, and was supposed by the poster], there is "some kind of load balancing going on", and also since implementors of anycast caches have posted questions and explained their purposes [which could be seen as "load balancing"], this is a likely explanation. It may not be the only explanation: e.g. they could be restarting their nameservers every thirty seconds. But "anycast loadbalancing" of a caching server is probably the most likely.

But since you post on DNSOP, I assume that you read DNSOP [indeed, I may assume too much here], and so you have read the recent questions posed there on just how to implement just this sort of configuration. So, in light of that, I take your message to be your "usual [and fact-free] rant against anyone who explains the harms of anycast".
We use anycast for our caching (recursive) DNS servers. It works well for us, and we certainly intend to continue to use it. The actual DNS software used is Nominum CNS and BIND 9.3.1, both of which honor the DNS TTL.
"worked once for me" doesn't cut it, now. Does it? Probably you didn't notice that the cache states of different caching servers must be different. "load balancing" [of nearly any sort] and anycast does not work so well.
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
--
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net    faster, more reliable, better service
617 344 9000
Once upon a time, Dean Anderson <dean@av8.com> said:
If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I explained, and was supposed by the poster], there is "some kind of load balancing going on", and also since implementors of anycast caches have posted questions and explained their purposes [which could be seen as "load balancing"], this is a likely explanation.
Not really. Normally, anycasting should be stable; if you send a request to the same IP address you will get a response from the same server. There may be additional load balancing being done where at a particular location that IP maps to multiple servers (we've done that with TruCluster for example), but that has nothing to do with anycasting.

--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
On Wed, 20 Apr 2005 14:00:00 EDT, Dean Anderson said:
On Wed, 20 Apr 2005 sthaug@nethelp.no wrote:
Where do you see any connection between anycast and ignoring DNS TTL?
The data he showed isn't necessarily "ignoring ttl". If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I explained, and was supposed by the poster], there is "some kind of load balancing going on", and also since implementors of anycast caches have posted questions and explained their purposes [which could be seen as "load balancing"], this is a likely explanation. It may not be the only explanation: e.g. they could be restarting their nameservers every thirty seconds. But "anycast loadbalancing" of a caching server is probably the most likely.
All fine and good. But nowhere in your long paragraph do you actually address Steinar's question, which is "What does this rant have to do with *ignoring* *DNS* *TTL*?"
On Wed, 20 Apr 2005 Valdis.Kletnieks@vt.edu wrote:
On Wed, 20 Apr 2005 14:00:00 EDT, Dean Anderson said:
On Wed, 20 Apr 2005 sthaug@nethelp.no wrote:
Where do you see any connection between anycast and ignoring DNS TTL?
The data he showed isn't necessarily "ignoring ttl". If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I explained, and was supposed by the poster], there is "some kind of load balancing going on", and also since implementors of anycast caches have posted questions and explained their purposes [which could be seen as "load balancing"], this is a likely explanation. It may not be the only explanation: e.g. they could be restarting their nameservers every thirty seconds. But "anycast loadbalancing" of a caching server is probably the most likely.
All fine and good. But nowhere in your long paragraph do you actually address Steinar's question, which is "What does this rant have to do with *ignoring* *DNS* *TTL*?"
Try actually reading the long paragraph. It starts with the interesting sentence 'The data he showed isn't necessarily "ignoring ttl".', and I then explain why that is.

--
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net    faster, more reliable, better service
617 344 9000
On Wed, 20 Apr 2005, Dean Anderson wrote:
On Wed, 20 Apr 2005 sthaug@nethelp.no wrote:
I'd rather expect this sort of behavior with anycasted servers...
Where do you see any connection between anycast and ignoring DNS TTL? Or is this just part of your usual rant against anycast DNS service?
The data he showed isn't necessarily "ignoring ttl". If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I
I fail to see the correlation still.. anycasted caches should all be operating independently getting their DNS data from authoritative sources. If at any point one of them uses a TTL that it has not received from the authoritative source it is ignoring the ttl, where does anycast get involved with this particular problem?

thanks
Steve
On Thu, 21 Apr 2005, Stephen J. Wilcox wrote:
On Wed, 20 Apr 2005, Dean Anderson wrote:
On Wed, 20 Apr 2005 sthaug@nethelp.no wrote:
I'd rather expect this sort of behavior with anycasted servers...
Where do you see any connection between anycast and ignoring DNS TTL? Or is this just part of your usual rant against anycast DNS service?
The data he showed isn't necessarily "ignoring ttl". If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I
I fail to see the correlation still.. anycasted caches should all be operating independently getting their DNS data from authoritative sources.
If at any point one of them uses a TTL that it has not received from the authoritative source it is ignoring the ttl, where does anycast get involved with this particular problem?
The queries produce different data, but none of the data is inconsistent if there are different caches responding on the same address.

Here is the original description: (slightly reformatted with roman numerals)

(I) I ran a query for a name in a zone I control that has a five minute TTL on 204.127.198.4. The first query came up with 5 minutes.
(II) I quickly made a change to the zone.
(III) Thirty seconds after the initial query, I try again...err... and come up with the change. Hmm... Not caching at all?
(IV) Another 30 seconds and I get the change, with 5m TTL.
(V) Thirty seconds later, I get the original response with appropriately decremented TTL.
(VI) Another thirty seconds, I get the change, with 4m TTL.

Here is the detailed anycast explanation:

(I) Cache 1 gets answer to query X? = Y
(II) Authority changes X? to Z
(III) Cache 2 gets answer to query X? = Z
(IV) Cache 3 gets answer to query X? = Z
(V) Cache 1 responds
(VI) Cache 3 responds

No TTLs were ignored.

--Dean

--
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net    faster, more reliable, better service
617 344 9000
On Fri, 22 Apr 2005, Dean Anderson wrote:
On Thu, 21 Apr 2005, Stephen J. Wilcox wrote:
On Wed, 20 Apr 2005, Dean Anderson wrote:
On Wed, 20 Apr 2005 sthaug@nethelp.no wrote:
I'd rather expect this sort of behavior with anycasted servers...
Where do you see any connection between anycast and ignoring DNS TTL? Or is this just part of your usual rant against anycast DNS service?
The data he showed isn't necessarily "ignoring ttl". If there are multiple anycasted caching servers behind a specific IP address, then those several caches will each have a different state. Since, [as I
I fail to see the correlation still.. anycasted caches should all be operating independently getting their DNS data from authoritative sources.
If at any point one of them uses a TTL that it has not received from the authoritative source it is ignoring the ttl, where does anycast get involved with this particular problem?
The queries produce different data, but none of the data is inconsistent if there are different caches responding on the same address. Here is the original description: (slightly reformatted with roman numerals)
(I) I ran a query for a name in a zone I control that has a five minute TTL on 204.127.198.4. The first query came up with 5 minutes.
(II) I quickly made a change to the zone.
(III) Thirty seconds after the initial query, I try again...err... and come up with the change. Hmm... Not caching at all?
(IV) Another 30 seconds and I get the change, with 5m TTL.
(V) Thirty seconds later, I get the original response with appropriately decremented TTL.
(VI) Another thirty seconds, I get the change, with 4m TTL.
Here is the detailed anycast explanation:
(I) Cache 1 gets answer to query X? = Y
(II) Authority changes X? to Z
(III) Cache 2 gets answer to query X? = Z
(IV) Cache 3 gets answer to query X? = Z
(V) Cache 1 responds
(VI) Cache 3 responds
No TTLs were ignored.
Ok gotcha, and your point seems valid except aiui the previous post was concerning providers who are actually overriding the TTL eg your zone has a 5m ttl, the provider caches it but sets TTL to 10 days. I think this thread forked quite early :)

Steve
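
The six observations and the three-cache explanation in this thread, replayed as an added example that is not part of the original messages: each simulated cache honors the five-minute TTL, and `ttl_violations` flags only answers that no TTL-honoring cache could give, such as the 10-day override mentioned in the last message. The class and function names, cache numbering and timings in seconds are constructed for illustration.

```python
TTL = 300  # the five-minute zone TTL from the original description


class Cache:
    """A recursive cache that never alters the TTL it was given."""

    def __init__(self, zone):
        self.zone = zone    # shared dict standing in for the authoritative server
        self.entry = None   # (value, expires_at)

    def query(self, now):
        if self.entry is None or now >= self.entry[1]:
            self.entry = (self.zone["X"], now + TTL)  # miss: fetch from authority
        value, expires = self.entry
        return value, expires - now  # remaining TTL, decremented honestly


def replay():
    """Replay steps I-VI with three caches behind one service address."""
    zone = {"X": "Y"}
    caches = {n: Cache(zone) for n in (1, 2, 3)}
    # (time of query, cache that answers, zone change made just before it)
    steps = [(0, 1, None), (30, 2, "Z"), (60, 3, None), (90, 1, None), (120, 3, None)]
    seen = []
    for now, which, change in steps:
        if change:
            zone["X"] = change
        seen.append((now,) + caches[which].query(now))
    return seen


def ttl_violations(seen, old_value, changed_at):
    """Return observations that cannot come from any TTL-honoring cache."""
    bad = []
    for now, value, ttl in seen:
        inflated = ttl > TTL  # remaining TTL larger than the zone ever published
        stale = value == old_value and now >= changed_at + TTL  # old data outlived its TTL
        if inflated or stale:
            bad.append((now, value, ttl))
    return bad


if __name__ == "__main__":
    for row in replay():
        print(row)
    print("violations:", ttl_violations(replay(), "Y", 30))
```
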
participants (5)
- Chris Adams
- Dean Anderson
- Stephen J. Wilcox
- sthaug@nethelp.no
- Valdis.Kletnieks@vt.edu