Define a domains addresses sole in terms of another

[Clenna Lumina]

Barry Margolin wrote:
> In article <f727at$1er6$1 at sf1.isc.org>,
> "Clenna Lumina" <savagebeaste at yahoo.com> wrote:
>
>> Barry Margolin wrote:
>>> In article <f6u9f2$1uva$1 at sf1.isc.org>,
>>> Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
>>>
>>>>> webmail                          IN CNAME   www
>>>>
>>>> Forbidden, you cannot have a CNAME going to a CNAME.
>>>
>>> Yes you can.  The RFC recommends against it for performance reasons,
>>> but doesn't prohibit it.  It even mentions that resolvers must
>>> follow CNAME chains, but may have limits on the number of CNAMEs
>>> that will be followed in order to avoid loops.
>>>
>>> All the web sites that use DNS-based load balancing like Akamai and
>>> Savvis ITM would be in big trouble if CNAME chains weren't allowed.
>>>
>>> $ dig download.microsoft.com
>>>
>>> ; <<>> DiG 9.3.4 <<>> download.microsoft.com
>>> ;; global options:  printcmd
>>> ;; Got answer:
>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5269
>>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL:
>>> 0
>>>
>>> ;; QUESTION SECTION:
>>> ;download.microsoft.com.      IN A
>>>
>>> ;; ANSWER SECTION:
>>> download.microsoft.com. 2566  IN CNAME main.dl.ms.akadns.net.
>>> main.dl.ms.akadns.net.  52 IN CNAME dom.dl.ms.akadns.net.
>>> dom.dl.ms.akadns.net.   52 IN CNAME dl.ms.d4p.net.
>>> dl.ms.d4p.net.    3790  IN CNAME dl.ms.georedirector.akadns.net.
>>> dl.ms.georedirector.akadns.net.  1189 IN  CNAME a767.ms.akamai.net.
>>
>>
>> That's odd... my locla bind server gives me a completely different
>> set of file A records:
>
> That's what Akamai (and other CDNs) does -- we have thousands of
> servers around the Internet, and use them to balance load and send
> you to the closest or least loaded server.  Different users will
> likely get different responses, and even a single user may get
> different responses if they wait 5-10 minutes between lookups.

While this can be a good thing, especially for an entity as large as 
Google.

>> Is this some sort of crazy load balancing akamai.net is doing? Seeing
>> all those CNAMEs when doing the lookup for 'akamai.net' seems VERY
>> inefficient.
>
> Yes, it's crazy load balancing.  It allows us to react quickly to down
> or overloaded servers, network congestion, routing problems, etc.
> Note that the first level of CNAMEs has reasonably long TTLs, and
> only the A records have very short TTLs, so you don't have to look up
> the entire CNAME chain every time.

Ok, but still, having tiny TTL's in the A records means there's going to 
be a LOT of activity between any slaves. While I understand that it's 
all in the name of load balancing, I still find it strange, as  I always 
understood having so many inconsistencies between slaves was something a 
good dns admin wants to avoid :)

> It works well enough that we were one of the top-growing companies in
> Massachusetts in the past few years and were just added to the S&P
> 500.
>
> Disclaimer: I work for Akamai, but I am not a spokesman.
>
> --
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE post questions in newsgroups, not directly to me ***
> *** PLEASE don't copy me on replies, I'll read them in the group ***

Um, you realize this is /also/ a mailing list, right?

-- 
CL