
nanog mailing list archives

Re: Question regarding anycasting in CDN setup
From: Jared Mauch <jared () puck nether net>
Date: Wed, 1 Feb 2012 15:47:05 -0500


On Feb 1, 2012, at 3:25 PM, Anurag Bhatia wrote:

> I have a small question and was wondering if someone could help me with
> that.
>
> Question is - why companies like Google, Amazon are having partial
> anycasting in CDN setups? E.g., if we pick a random hostname from the URL of
> a Picasa picture - lh3.googleusercontent.com - this one is further a CNAME
> string and at the end you will find different A records when checked from
> different locations.

The real answer to this is highly variable based on criteria that are unknown
by many people outside of the operators at these networks.

What is fairly well known:

1) Anycast can be used to provide low latency queries for stateless (UDP) and
   stateful protocols (TCP).
2) Query responses will vary based on node hit and/or source IP address the
   query comes from.  Source address is used to attempt traffic localization.

   This can be defeated by using another resolver on purpose, or inadvertently
   (e.g., corporate VPN may cause you to use a CDN node that is non-local by using
    corp DNS).
3) CDNs vary the response based upon uptime/load and other unknown policy criteria.
   They don't want to send you to a server that is down, nor one that is overloaded.

The secret is in the sauce here and is complex enough that it's not easy to perfect.

Also, be careful equating Anycast w/ CDN.  They are not the same thing but sometimes
are related.  (e.g., cousins)

        - Jared
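
An added illustration, not part of the message above and not any CDN's actual logic: a toy authoritative-DNS mapper showing points 2 and 3, where the answer depends on the resolver's source address and on node health. All node names, prefixes, addresses and the load threshold are constructed assumptions.

```python
import ipaddress

# Constructed sample data (documentation/private ranges); not a real CDN topology.
NODES = {
    "us-east": {"addr": "192.0.2.10", "up": True, "load": 0.40},
    "eu-west": {"addr": "198.51.100.10", "up": True, "load": 0.95},
    "ap-south": {"addr": "203.0.113.10", "up": True, "load": 0.30},
}
# Hypothetical map of resolver source prefixes to node preference (nearest first).
RESOLVER_REGIONS = [
    (ipaddress.ip_network("10.1.0.0/16"), ["us-east", "eu-west", "ap-south"]),
    (ipaddress.ip_network("10.2.0.0/16"), ["eu-west", "us-east", "ap-south"]),
    (ipaddress.ip_network("10.3.0.0/16"), ["ap-south", "eu-west", "us-east"]),
]
MAX_LOAD = 0.90  # assumed policy threshold for "overloaded"


def answer_a_record(resolver_ip, nodes=NODES):
    """Return (node_name, A record) handed to the resolver at resolver_ip."""
    src = ipaddress.ip_address(resolver_ip)
    # Point 2: the server sees only the resolver's address, not the end user's.
    order = next((pref for net, pref in RESOLVER_REGIONS if src in net), list(nodes))
    # Point 3: never answer with a node that is down or overloaded.
    healthy = [n for n in order if nodes[n]["up"] and nodes[n]["load"] < MAX_LOAD]
    if not healthy:
        # Everything is overloaded: degrade to the least-loaded node still up.
        up = [n for n in order if nodes[n]["up"]]
        if not up:
            return None, None
        healthy = [min(up, key=lambda n: nodes[n]["load"])]
    name = healthy[0]
    return name, nodes[name]["addr"]


if __name__ == "__main__":
    # A user sitting in the ap-south region, first via a local resolver, then
    # via a corporate VPN resolver located in the us-east prefix.
    print("local resolver:", answer_a_record("10.3.0.53"))
    print("corp VPN resolver:", answer_a_record("10.1.0.53"))
    # eu-west is over the load threshold, so its resolvers are steered elsewhere.
    print("eu resolver:", answer_a_record("10.2.0.53"))
```

The same user gets a different A record depending only on which resolver forwards the query, which is the non-local result the corporate VPN case describes.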
