Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Brian Hartvigsen Manager, Site Reliability Engineering Real World Impacts of EDNS Client Subnet.

Published byVerity Davis Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Brian Hartvigsen Manager, Site Reliability Engineering Real World Impacts of EDNS Client Subnet."— Presentation transcript:

1 1 Brian Hartvigsen Manager, Site Reliability Engineering Real World Impacts of EDNS Client Subnet

2 2 Me BOI ISP SEA youtube.com Google SJC youtube.com Google SEA I see you’re in SEA, we have a DC there… youtube.com Google SEA Google SJC

3 3 Me BOI ISP SEA youtube.com Google SJC youtube.comGoogle SJC I see you’re in DFW, we have a DC in SJC… youtube.com Google SEA Google SJC OpenDNS DFW

4 4 Google/OpenDNS both using option code 0x50FA 20102011…2015 Renamed EDNS Client Subnet A Short History Draft for EDNS Client IP sent to DNSOP Announcement of Global Internet Speedup Initiative Many CDNs & DNS server software add support Option code 0x08 assigned Akamai announces support when using OpenDNS or Google

5 5 Me BOI ISP SEA youtube.com Google SJC youtube.com (for BOI) Google SEA I see you’re asking for BOI, SEA is good! Google SEA Google SJC OpenDNS DFW youtube.com

6 6 A Couple Notes on OpenDNS’ implementation  Whitelist Only  Not accepted from client side  Fixed scope, manageable via configuration

7 7 The Setup  Mirror production traffic to 2 resolvers  Identical traffic  ~2 weeks of data  Enable ECS on only 1  Monitor

8 8 Start from the user’s perspective  Biggest measure is RTT  ~5000 qps  ~85% <25ms  ~95% <300ms

9 9  Still ~95% <300ms  But only ~80% <25ms  More jitter in RTT

10 10 Cache Hits vs Cache Misses  Cache Miss is no data or record with non-matching ECS info  Every failed lookup = 2 + n number of misses ‒ n = number of possible ECS enabled records that won’t match (max 16,777,215)  Store ECS ability as a special record in the cache  Every successful lookup == 2 cache hits (special record + actual record)

11 11

12 12 Cache Churn  Fixed cache size per resolver  Allocate all available memory ‒ Bi-directional linked list  Measure cache “cycle” ‒ How often we run out of room in the cache to store something

13 13

14 14 Moving upstream

15 15 Bumps in the Road  Malformed responses  Common one was getting back additional 0 bits in address ‒ Remember to chop it to NETMASK

16 16 Bumps in the Road  Different A records for nameservers w/ ECS ‒ example.com NS ns1.example.com ‒ ns1.example.com A 192.0.2.53 (for 1.2.3.0/24) ‒ ns1.example.com A 192.0.2.153 (for 1.2.4.0/24) ‒ ns1.example.com A 192.0.2.253 (no ECS) ‒ Which records should you use when resolving www.example.com for 1.2.3.0/24?  Discussion and clarification around this is welcome

Download ppt "1 Brian Hartvigsen Manager, Site Reliability Engineering Real World Impacts of EDNS Client Subnet."

Similar presentations

EDNS0 Client-Subnet for DNS based CDNs

EDNS0 Client-Subnet for DNS based CDNs
THE CASE FOR PREFETCHING AND PREVALIDATING TLS SERVER CERTIFICATES Emily Stark, Lin-Shung Huang, Dinesh Israni, Collin Jackson, Dan Boneh Presented by:

THE CASE FOR PREFETCHING AND PREVALIDATING TLS SERVER CERTIFICATES Emily Stark, Lin-Shung Huang, Dinesh Israni, Collin Jackson, Dan Boneh Presented by:
1 Server Selection & Content Distribution Networks (slides by Srini Seshan, CS CMU)

1 Server Selection & Content Distribution Networks (slides by Srini Seshan, CS CMU)
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.

Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
DNS Session 4: Delegation and reverse DNS Joe Abley AfNOG 2006 workshop.

DNS Session 4: Delegation and reverse DNS Joe Abley AfNOG 2006 workshop.
How’s My Network (HMN)? A Java approach to Home Network Measurement Alan Ritacco, Craig Wills, and Mark Claypool Computer Science Department Worcester.

How’s My Network (HMN)? A Java approach to Home Network Measurement Alan Ritacco, Craig Wills, and Mark Claypool Computer Science Department Worcester.
EEC-484/584 Computer Networks Lecture 6 Wenbing Zhao

EEC-484/584 Computer Networks Lecture 6 Wenbing Zhao
Hitesh Ballani, Paul Francis(Cornell University) Presenter: Zhenhua Liu Date: Mar. 16 th, 2009.

Hitesh Ballani, Paul Francis(Cornell University) Presenter: Zhenhua Liu Date: Mar. 16 th, 2009.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Chapter 5 - TRANSPORT and NETWORK LAYERS - Part 2 - Static and Dynamic Addressing Address Resolution Dr. V.T. Raja Oregon State University.

Chapter 5 - TRANSPORT and NETWORK LAYERS - Part 2 - Static and Dynamic Addressing Address Resolution Dr. V.T. Raja Oregon State University.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.

CCNA Guide to Cisco Networking Fundamentals Fourth Edition Chapter 9 Network Services.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/20091 NET0183 Networks and Communications by Dr Andy Brooks.

NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/20091 NET0183 Networks and Communications by Dr Andy Brooks.
DHCP Dynamic Host Configuration Protocol. What is DHCP?  It does name resolution (one more?!) DNS resolves IP numbers and FQDN WINS resolves NetBIOS.

DHCP Dynamic Host Configuration Protocol. What is DHCP?  It does name resolution (one more?!) DNS resolves IP numbers and FQDN WINS resolves NetBIOS.
Basic DNS Course Lecturer: Ron Aitchison. Module 1 DNS Theory.

Basic DNS Course Lecturer: Ron Aitchison. Module 1 DNS Theory.
IT:Network:Applications Fall 2009.  Running one “machine” inside another “machine”  OS in Virtual machines sees ◦ CPU(s) ◦ Memory ◦ Disk ◦ USB ◦ etc.

IT:Network:Applications Fall  Running one “machine” inside another “machine”  OS in Virtual machines sees ◦ CPU(s) ◦ Memory ◦ Disk ◦ USB ◦ etc.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.

Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.
Networking Feb. 6, 2008 by Larry Finger. Networking Hardware Glossary RJ45 – Official name for 8-pin connector Cat 5, 5E or 6 - Cable suitable for “high”-speed.

Networking Feb. 6, 2008 by Larry Finger. Networking Hardware Glossary RJ45 – Official name for 8-pin connector Cat 5, 5E or 6 - Cable suitable for “high”-speed.

Similar presentations

Ads by Google