nanog mailing list archives

Re: dns and software, was Re: Reliable Cloud host ?
From: James M Keller <jmkeller () houseofzen org>
Date: Wed, 29 Feb 2012 16:02:10 -0500

On 2/29/2012 1:38 PM, Robert Hajime Lanning wrote:
> On 02/29/12 10:01, Owen DeLong wrote:
>> Further, DNS performance issues in the past have led developers of
>> such applications to "take matters into their own hands" to try and
>> improve the performance/behavior of their application in spite of
>> DNS. This is one of the things that led to many of the TTL ignorant
>> application-level DNS caches which you are complaining about.
>
> I have found some carriers to run hacked nameservers.  Several years
> ago I was moving a website and found that Cox was overriding the TTL
> for all "www" names.  At least for their residential customers in
> Oklahoma. The TTL value our test subject was getting was larger than
> it had ever been set.

Back in the day, the uu.net cache servers were set for 24 hours (can't
remember if they claimed it was a performance issue or some other
justification). Several other large ISPs of the day also did this, so
you typically got the "allow 24 hours for full propagation of DNS
changes ..." response when updating external DNS entries. Nominal best
practice is to expect that and to run the service on old and new IPs for
at least 24 hours then start doing redirection (where possible by
protocol) or stop servicing the protocols on the old IP.

I'm sure other providers are doing the same to slow down fast flux
entries being used for spam site hosting today.

James M Keller
