Bit of an off-topic request.
Does anyone has any stats on Recursive DNS appliances (infoblox etc) vs Bind on a server?
Has anyone actually seen real life improvements?
From: nznog-bounces(a)list.waikato.ac.nz [mailto:email@example.com] On Behalf
Of Perry Lorier
Sent: Sunday, 13 June 2010 2:22 p.m.
To: NZNOG List
Subject: [nznog] New Zealand DNS Performance
After the discussion a few weeks back about DNS performance, I asked one of my colleagues,
Brendon Jones to add DNS performance to the gTLD/Root servers to our Active Measurement
Platform (AMP) which is already monitoring the .nz nameservers. These have now had a
while to collect some data and show a fairly interesting (and IMHO pretty visualisation of
New Zealands DNS performance)
For starters, we've in the past measured performance to the .nz ccTLD name servers to
track their performance within New Zealand. This shows a pretty healthy coverage for .nz.
Full marks to all the people who have done the hard work to make this happen.
This in comparison shows how many hops we see in a traceroute to the .nz ccTLD servers.
All the New Zealand name servers are firewalled in such a way we can't get an accurate
count, but this at least provides a lower bound. You can see people who don't peer at
WIX don't see the near instance of ns7..
Second up, we added a test to all of our measurement points to the Root Servers. This
shows quite distinctively that there are several places in New Zealand whose peering
policy means that they don't see some, or in the case of Otago Uni's CS Dept, any,
New Zealand based instances. vuw interestingly doesn't appear to be able to contact
any f.root instance at all. New Zealand seems to be fairly well covered with F, I, J and
even a fairly close K root.
This shows the same visualisation to all of the gTLD servers. This shows a much more
unhappy view of New Zealand. Our monitoring points are quite biased towards universities
which generally prefer KAREN, which has poor coverage (which appears to be due to KARENs
policies) and thus show very poor numbers. However it doesn't paint a particularly
rosy picture for much of the rest of New Zealand either, with Maxnet and TheLoop also
failing to find any instances anywhere near New Zealand at all.
Afilias provide nameserving for several zones including .org/.mobi and so on. Right this
instant TelstraClear doesn't appear to be able to get to
at all, so again many of the universities show failures, although this time it doesn't
appear to be routing issues with KAREN.
Also, just as we were setting up collecting some test data (but unfortunately not
traceroute data), KAREN coincidentally had a major outage in Hamilton which impacted the
University of Waikato. This let us see what happens when KAREN's routes aren't
available: (See? Unscheduled outages /can/ have an upside!)
This shows that if we don't have KAREN routes available, then our performance to b, e,
j and k root *improves*, Sigh. Also our performance to F root degrades as our commodity
internet connection suddenly has to handle the additional load:
So, all in all, New Zealand's DNS Performance is better than I had seen (my two
measurement points inside Waikato University and Rurallink were two of the worst to choose
from, Rurallink doesn't yet host an AMP node so doesn't appear here).
Hopefully KAREN will in the future consider hosting/peering directly with at least a root
server, and NZ ccTLD server so if an Universities commidity connection falls over then you
can still resolve (and therefore create new connections to) other research institutions.
KAREN could either start not accepting "scenic" routes from other R&E
networks for other anycast instances of Root/gTLD/ccTLD servers, or provide access to them
via less amusing routes by increasing their peering.
People who don't peer at WIX miss out on the instances hosted there. If you're
not peering, some of your customers are getting slower results for DNS lookups than
necessary making web pages take longer, to load, and thus your service appear to be
slower. Yet another reason to improve your peering.
Ideas and comments welcomed!