Define a domains addresses sole in terms of another

Wed Jul 11 23:32:09 UTC 2007

In article <f727at$1er6$1 at sf1.isc.org>,
 "Clenna Lumina" <savagebeaste at yahoo.com> wrote:

> Barry Margolin wrote:
> > In article <f6u9f2$1uva$1 at sf1.isc.org>,
> > Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> >
> >>> webmail                          IN CNAME   www
> >>
> >> Forbidden, you cannot have a CNAME going to a CNAME.
> >
> > Yes you can.  The RFC recommends against it for performance reasons,
> > but doesn't prohibit it.  It even mentions that resolvers must follow
> > CNAME chains, but may have limits on the number of CNAMEs that will be
> > followed in order to avoid loops.
> >
> > All the web sites that use DNS-based load balancing like Akamai and
> > Savvis ITM would be in big trouble if CNAME chains weren't allowed.
> >
> > $ dig download.microsoft.com
> >
> > ; <<>> DiG 9.3.4 <<>> download.microsoft.com
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5269
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;download.microsoft.com.      IN A
> >
> > ;; ANSWER SECTION:
> > download.microsoft.com. 2566  IN CNAME main.dl.ms.akadns.net.
> > main.dl.ms.akadns.net.  52 IN CNAME dom.dl.ms.akadns.net.
> > dom.dl.ms.akadns.net.   52 IN CNAME dl.ms.d4p.net.
> > dl.ms.d4p.net.    3790  IN CNAME dl.ms.georedirector.akadns.net.
> > dl.ms.georedirector.akadns.net.  1189 IN  CNAME a767.ms.akamai.net.
> 
> 
> That's odd... my locla bind server gives me a completely different set 
> of file A records:

That's what Akamai (and other CDNs) does -- we have thousands of servers 
around the Internet, and use them to balance load and send you to the 
closest or least loaded server.  Different users will likely get 
different responses, and even a single user may get different responses 
if they wait 5-10 minutes between lookups.

> Is this some sort of crazy load balancing akamai.net is doing? Seeing 
> all those CNAMEs when doing the lookup for 'akamai.net' seems VERY 
> inefficient.

Yes, it's crazy load balancing.  It allows us to react quickly to down 
or overloaded servers, network congestion, routing problems, etc.  Note 
that the first level of CNAMEs has reasonably long TTLs, and only the A 
records have very short TTLs, so you don't have to look up the entire 
CNAME chain every time.

It works well enough that we were one of the top-growing companies in 
Massachusetts in the past few years and were just added to the S&P 500.

Disclaimer: I work for Akamai, but I am not a spokesman.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***