Health warning – what follows is for geeks
Some weeks ago a very long and scientific-looking blog post appeared that analysed some CDN’s use of DNS to determine the location of an end-user. At the time I read it and dismissed it because it was so obviously flawed. But several people have asked me about it so I thought I’d try and unpick some of the assertions in that post. I’ll try and do it as simply as possible.
The Domain Name System (DNS) is a fundamental part of the Internet. Its job is to translate human-readable (and memorable) web site names like www.level3.com into network addresses like 22.214.171.124, which end-users could never remember but which network equipment needs in order to route those end-users to the web sites.
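That translation can be sketched with Python's standard stub resolver. This simply asks whatever DNS server the local machine is configured to use; the hostname in the comment is just the example from the text.

```python
import socket

def resolve(hostname):
    """Ask the local DNS resolver for the addresses behind a name."""
    infos = socket.getaddrinfo(hostname, None)
    # getaddrinfo returns one tuple per (family, socktype) combination;
    # the IP address itself is the first element of the sockaddr field.
    return sorted({info[4][0] for info in infos})

# Example (requires network access and working DNS):
# resolve("www.level3.com")  # a list of IPv4/IPv6 address strings
```

Note that this call goes to whichever resolver the operating system is configured with — the distinction between open and closed resolvers discussed below is invisible at this layer.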
That DNS infrastructure is largely split into two types: open (public) and closed (private). Open DNS is provided by companies like OpenDNS, Google and Level 3. You can use it wherever you are on the Internet, with no restrictions or authentication required. Closed DNS is provided by an ISP, like CableVision, and is accessible only to that ISP’s own authenticated broadband customers. The vast majority of all DNS requests (in excess of 90%) take place in a closed DNS environment. This study appears to have used only data from open DNS infrastructure (or perhaps some poorly configured closed systems), so its statistical validity is compromised at the outset.
The author does admit that his list of CDN server locations is incomplete because of his methodology (the only one open to him), which could never find all the unique addresses of a CDN. This is the fundamental flaw in the study; he then persists in using those locations as the basis for his other assertions anyway. The commentary also misses a vital part of a CDN’s architecture: a host name (one of those web sites) that leverages a CDN for delivery is actually “bound” to an optimized subset of the entire CDN infrastructure. These “bindings” are optimized for customer content with specific characteristics and share a common infrastructure.
Mixing content with different characteristics (large objects and small objects, for instance) on a single binding set may degrade performance or lead to less efficient use of the deployed computing infrastructure. For the customer example chosen to represent Level 3, a large number of the locations from which that customer was actually served were missed entirely, and this severely limited data set effectively invalidates the assertions that followed.
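To make the “binding” idea concrete, here is a toy model (the hostnames, cluster names, and mapping are all invented; the real logic is far richer). Because each hostname only ever resolves into its bound subset, probing one customer hostname cannot enumerate the CDN’s full footprint — which is exactly why the study’s location list came up short.

```python
# Toy model of CDN "bindings": each customer hostname is served only by
# a subset of clusters tuned to its content profile. All names invented.
BINDINGS = {
    "smallobjects.example.com": {"nyc1", "chi1", "lax1"},  # small-object profile
    "bigdownloads.example.com": {"nyc2", "dal1"},          # large-object profile
}

ALL_CLUSTERS = {"nyc1", "nyc2", "chi1", "dal1", "lax1", "sea1"}

def candidate_clusters(hostname):
    """Clusters eligible to serve this hostname: only the bound subset."""
    return ALL_CLUSTERS & BINDINGS.get(hostname, set())
```

Probing `smallobjects.example.com` from every vantage point in the world would still only ever reveal three of the six clusters in this toy deployment.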
The post goes on to compare DNS and Anycast as tools for selecting the best server to deliver from. Sure, both have pros and cons. DNS alone assumes that the location of the end-user’s DNS resolver is a proxy for that end-user’s actual geographic location; in a very small percentage of cases, it is not. Anycast, however, is inherently tied to the Internet’s routing connectivity (who has peered with whom, and who has bought transit from whom) to determine “closeness”.
While a performance-based view of proximity may seem inherently better, in a widely distributed CDN this approach could toggle an end-user back and forth between several geographically close CDN clusters, with disastrous results for jitter-sensitive applications. Level 3’s DNS rendezvous system dynamically allocates the best content source based on both DNS location and a real-time view of performance: the system makes appropriate use of the DNS infrastructure but augments it with a very intelligent real-time “weather map” of Internet latency measurements … trust with verification. This, in fact, is a large part of our “secret sauce”. If I told you how it works, I’d have to shoot you.
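A minimal sketch of the anti-toggling idea (my own toy illustration, not Level 3’s actual rendezvous system): pick the lowest-latency cluster from a real-time latency map, but refuse to switch away from the current cluster unless the improvement clears a margin, so small fluctuations don’t flip users between nearby clusters.

```python
def pick_cluster(latency_ms, current=None, switch_margin_ms=10.0):
    """Choose a serving cluster from a real-time latency map.

    latency_ms: {cluster_name: measured latency in milliseconds}
    current:    the cluster the user is on now, if any
    The margin adds hysteresis: without it, two nearly-equal clusters
    would flap back and forth, which is disastrous for jitter-sensitive
    applications.
    """
    best = min(latency_ms, key=latency_ms.get)
    if current in latency_ms and latency_ms[current] - latency_ms[best] < switch_margin_ms:
        return current  # not enough improvement to justify a switch
    return best
```

With a 10 ms margin, `pick_cluster({"nyc": 20.0, "chi": 18.0}, current="nyc")` stays on "nyc", while a jump to `{"nyc": 40.0, "chi": 18.0}` does trigger a move to "chi".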
The poster’s “study” is analogous to a book that begins “I know that we can’t travel faster than light, but if we could …” All of us would recognize that anything following that statement, no matter how well written, would be science fiction. A study based on a flawed premise and incomplete data is not so easily recognized as speculative fiction.
But all of this actually misses the point. All that matters is the end-user experience, which can be measured by independent testing services like Conviva or Gomez. In test after independent test, as I’ve said before, Level 3’s DNS-based, dual-tiered approach outperforms our competitors.