yahoo problem?

Kevin Darcy kcd at daimlerchrysler.com
Tue Aug 20 23:23:36 UTC 2002 

xiao at info.sta.net.cn wrote:

> I know that yahoo web server group contains two ip pools-64.58.76.~
> and 66.218.71~.They may use the dns trick to make server load
> balance.So sometimes their dns servers take www.yahoo.com to the ip
> pool 64.58.76.~,while other times they give the 66.218.71.~ instead.
>
> But nowadays their ip pool of 64.58.76.~ is block by 'someone' in
> China. I don't know the reason why they don't block the 66.218.71.~
> also.
>
> So the dilemma happened that when my DNS Servers get the result
> www.yahoo.com to 66.218.71.~.Everything is OK.
> But when result is 64.58.76.~.My users can not browser yahoo's web
> site.
> So the users complain about that these days.But I have no way to
> communicate with the 'blocker' in China.
>
> I find one of yahoo's dns server 193.108.91.150 and 193.108.91.151
> seems always tell me the result that www.yahoo.com to 66.218.71.~.
> So I make part of the file named.conf like,
> ....
> yahoo.com {
>  type forward;
>  forwarders { 193.108.91.150; }
> };
> ....
> So at the beginning the problem seems to be solved.But latter I found
> 193.108.91.150 also tell me www.yahoo.com to 64.58.76.~ sometimes.
> the problem happened again.So I think that if someone can tell me one
> of yahoo's dns server which always tell me
> www.yahoo.com-->66.218.71.~.So I
> can solve the problem temporarily.
> Or someone have some good methods to solve that?

Yahoo uses Akamai, so you really can't count on particular nameservers
always returning the same answers -- they'll return whatever they want,
based on load, what web servers are up/down, what they consider to be
the shortest network path, etc. etc.

There really is no good way around this problem using BIND or DNS. You
could define a fake "www.yahoo.com" and/or "yahoo.com" zone on your
nameservers, which would omit the "bad" IP addresses, but then you'd
constantly have to keep that in synch with the real zone(s).

Ultimately, this is a network connectivity issue, not a DNS issue. The
only good solution is to find out who is blocking this access and get
them to stop blocking it.


- Kevin

More information about the bind-users mailing list