Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Beware of Using Google Or OpenDNS For iTunes

timothy posted more than 3 years ago | from the speak-friend-and-enter-slowly dept.

Google 348

Relayman writes "Joe Mailer wanted to download an iTunes movie recently and his Apple TV told him it would take two hours. When he switched his DNS resolver settings, the download time dropped to less than 20 seconds. Apparently, iTunes content is served by Akamai which uses geolocation based on the IP address of the DNS request to determine which server should provide his content. When you use Google or OpenDNS to resolve the Apple domain name, all the requests to Akamai appear to be coming from the same location and they're all directed to the same server pool, overloading that pool and causing the slow downloads. The solution: be wary of using Google or OpenDNS when downloading iTunes files or similar large files. Use your own ISP's DNS servers instead or run your own resolving DNS server."

cancel ×

348 comments

Sorry! There are no comments related to the filter you selected.

Opposite Experience with Adobe Download (5, Informative)

eldavojohn (898314) | more than 3 years ago | (#34718708)

First, I was able to verify this with the iTunes download. My Cox DNS was 20 seconds while my Google DNS was 2 minutes 10 seconds.

But I just tested this on my own by using a different source that uses Akamai: Adobe.

So I picked a file at this URL: http://ardownload.adobe.com/pub/adobe/reader/unix/9.x/9.4.0/enu/AdbeRdr9.4-1_i486linux_enu.bin [adobe.com]

Sure enough, the initial server directed me to 72.215.224.16 with this partial tracert:

4 12 ms 10 ms 10 ms mrfddsrj02gex070002.rd.dc.cox.net [68.100.0.145]
5 17 ms 14 ms 12 ms ashbbprj01-ae0.0.rd.as.cox.net [68.1.0.220]
6 12 ms 15 ms 12 ms 72.215.224.16

Firefox told me this would take 3 Minutes and 35 Seconds.

Then, I set my DNS to the 8.8.8.8 and 8.8.4.4 addresses and tried it again. This time I was sent to 72.246.30.19 with this partial tracert:

4 11 ms 12 ms 14 ms mrfddsrj02gex070002.rd.dc.cox.net [68.100.0.145]
5 13 ms 11 ms 13 ms ashbbprj01-ae0.0.rd.as.cox.net [68.1.0.220]
6 17 ms 17 ms 13 ms ge13-1.br01.ash01.pccwbtn.net [63.218.44.125]
7 21 ms 18 ms 12 ms akamai.ge13-4.br02.ash01.pccwbtn.net [63.218.94.142]
8 17 ms 18 ms 13 ms a72-246-30-19.deploy.akamaitechnologies.com [72.246.30.19]

Surprisingly, this second server that I was directed to using Google DNS only took 10 seconds to download the same file. I did it a second time and it took 30 seconds.

Now after restoring my default DNS resolution that URL continually directs me to 72.215.224.40 and the download is as speedy as the Google DNS. If I switch back to Google DNS it now continually directs me to 72.246.30.32 so you can see that there's some load balancing going here that apparently can be divvied up by geographic location for some of their customers. Apparently Apple needs to investigate the same solution that Adobe is using from Akamai. Which doesn't consider everything from Google DNS being fulfilled from a west coast replication server?

Re:Opposite Experience with Adobe Download (2)

sumdumass (711423) | more than 3 years ago | (#34719034)

I though Google used Anycast [wikipedia.org] just like the rest of the large providers. Perhaps it's a routing issue where Google's servers are separated a bit geographically from certain people and the servers they are wanting to connect to?

Re:Opposite Experience with Adobe Download (1, Informative)

sleeper0 (319432) | more than 3 years ago | (#34719088)

Two hours vs. instant streaming isn't a localization issue, you can easily stream 1-2mbps (or much more) from half way around the world. ~100ms in latency is nothing with a fat, non time sensitive stream like recorded video.\

It sounds like the specific POP the google DNS server is being fed is overloaded with traffic. It should be fairly easy for Apple to resolve the problem on their end, by simply not resolving to overloaded pops (they shouldn't ever anyway).

Other video cdn backed services (like netflix) don't suffer POP overloading on public DNS servers like GTE or open.

Re:Opposite Experience with Adobe Download (1)

wagnerrp (1305589) | more than 3 years ago | (#34719280)

It sounds like the specific POP the google DNS server is being fed is overloaded with traffic.

That sounds exactly what was surmised in the summary.

When you use Google or Open DNS to resolve the Apple domain name, all the requests to Akamai appear to be coming from the same location and they're all directed to the same server pool, overloading that pool and causing the slow downloads.

Re:Opposite Experience with Adobe Download (1)

JS_RIDDLER (570254) | more than 3 years ago | (#34719270)

Re:Opposite Experience with Adobe Download (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34719358)

I'm not familiar with exactly what the options and price sheet are from Akamai, they aren't nearly as 'consumery' about it as Amazon EC2 is, more of a 'our rep will call you' sort of thing; but one wonders if Apple(who serves huge amounts of audio and video at relatively low prices, and presumably fairly low margins, is cheaping out in a way that Adobe isn't...

Presumably, Akamai uses their geolocation trickery because local deliveries are faster and cheaper. No need to traverse numerous hops, possibly controlled by others prickly about peering, and so forth. However, unless Akamai is secretly denser than a sack of hammers(which seems out of character) they should know that using the massively overloaded system, no matter how local, is going to be worse than using a more distant; but more lightly loaded, one. However, if there is a cost difference between local and distant, that isn't necessarily something that they would offer to their customers for free...

Good advice - Always use your ISP for DNS (2, Funny)

crusty_architect (642208) | more than 3 years ago | (#34718710)

This is a very widespread practice now. Use your own ISP for DNS.

Re:Good advice - Always use your ISP for DNS (1)

jaymz666 (34050) | more than 3 years ago | (#34718750)

yeah, cause comcast and at&t never have DNS outages... Last month Comcast had a huge DNS outage, I didn't even notice it since I have been using openDNS for years. My MIL called me up saying her internet was down, I had her ping some IPs and they worked, but DNS didn't. Changed her over to opendns and it worked fine after that.

Re:Good advice - Always use your ISP for DNS (1)

Anonymous Coward | more than 3 years ago | (#34718812)

yeah, since you can't set secondary dns servers in any modern os...

Re:Good advice - Always use your ISP for DNS (1)

jaymz666 (34050) | more than 3 years ago | (#34719010)

Sure you can, Primary and secondary are setup to openDNS on my router...

Re:Good advice - Always use your ISP for DNS (1)

devilspgd (652955) | more than 3 years ago | (#34719036)

Which is fine, except that you'll hit the "wrong" Akamai servers for your network.

My question is why Akamai is using DNS for their geo-load-balancing rather than anycasting the content servers themselves.

Re:Good advice - Always use your ISP for DNS (1)

crusty_architect (642208) | more than 3 years ago | (#34719320)

Anycast == Hard, DNS == Easy...

Re:Good advice - Always use your ISP for DNS (0)

Anonymous Coward | more than 3 years ago | (#34719098)

I'm guessing they don't have sarcasm where you're from.

Re:Good advice - Always use your ISP for DNS (5, Funny)

CheerfulMacFanboy (1900788) | more than 3 years ago | (#34719138)

yeah, since you can't set secondary dns servers in any modern os...

Sure you can, Primary and secondary are setup to openDNS on my router...

Do they resolve wooosh.com?

Re:Good advice - Always use your ISP for DNS (1)

Demonoid-Penguin (1669014) | more than 3 years ago | (#34719338)

yeah, since you can't set secondary dns servers in any modern os...

:-D

You're aiming too high for this crowd.... ;-p

Re:Good advice - Always use your ISP for DNS (5, Funny)

MachDelta (704883) | more than 3 years ago | (#34719018)

MIL - I realized after a few seconds that probably stands for "Mother-In-Law", but the mechanic in me instantly interpreted it as "Malfunction Indicator Lamp."

Shortly after that I had a chuckle upon realizing that they're both things no one likes to see.

Re:Good advice - Always use your ISP for DNS (0)

Anonymous Coward | more than 3 years ago | (#34718768)

Unless you have Road Runner, who can't seem to keep a resolving DNS infrastructure online reliably.

Re:Good advice - Always use your ISP for DNS (2)

a_nonamiss (743253) | more than 3 years ago | (#34719142)

I guess everyone's mileage varies. I've been using RoadRunner in Central Ohio since 1998. (I was a residential beta tester back when you had to install a RoadRunner client and "sign in" to a proxy server using a Kerberos token.) I've had both residential and business class service, and I can only recall one DNS outage which lasted about an hour. Now, I won't say there weren't other outages. We had one winter where the physical circuit went down 5 times in 2 months due to weather-related problems. But DNS has always been rock solid for me.

Re:Good advice - Always use your ISP for DNS (1)

wagnerrp (1305589) | more than 3 years ago | (#34719286)

We have a business class RoadRunner line in south west Ohio, and their DNS servers have all sorts of problems.

Re:Good advice - Always use your ISP for DNS (1)

fast turtle (1118037) | more than 3 years ago | (#34719148)

and that's one of the reasons I added the Google DNS server as a secondary to my router. Solves the damn problem when TW/RR suffers another DNS failure.

Re:Good advice - Always use your ISP for DNS (1)

Anonymous Coward | more than 3 years ago | (#34718786)

Use your own ISP for DNS.

No can do. My ISP's DNS redirects unresolvable queries to a bunch of ads. Google's DNS works much better, and is easier (8.8.8.8) to remember.
It may work fine for Apple TV, whatever that is, but otherwise not so much.

Re:Good advice - Always use your ISP for DNS (4, Insightful)

shentino (1139071) | more than 3 years ago | (#34718800)

Only if I trust them not to fuck with it.

Re:Good advice - Always use your ISP for DNS (1)

Z00L00K (682162) | more than 3 years ago | (#34719310)

Which they do for me, so I run my own DNS.

Re:Good advice - Always use your ISP for DNS (1)

0100010001010011 (652467) | more than 3 years ago | (#34718808)

Too bad modern OSes only have a spot for a single DNS server. Otherwise you could add multiple.

Add Multiple.
Drop Timeout Time.
Enjoy.

If Comcast goes down, I'll fail over to Verizon/Google. If Comcast is up it knows my location.

Re:Good advice - Always use your ISP for DNS (1)

omglolbah (731566) | more than 3 years ago | (#34718978)

Um, I know it is early (6am here for me...) but which modern OS only supports one server?...

Win7 supports a long list if you so desire, as does linux...

Or did you typo? :p

Re:Good advice - Always use your ISP for DNS (2)

camperdave (969942) | more than 3 years ago | (#34719116)

Um, I know it is early (6am here for me...) but which modern OS only supports one server?...

Grab your morning coffee and fire up the sarcasm detector.

Re:Good advice - Always use your ISP for DNS (1)

jaymz666 (34050) | more than 3 years ago | (#34718980)

yeah, so using the DNS servers from comcast that are provided by DHCP never change for you, huh. Troubleshooting that mess is a pita.

Re:Good advice - Always use your ISP for DNS (1, Troll)

TheRealGrogan (1660825) | more than 3 years ago | (#34719110)

Umm no, I think I'll just pass on those services if they are that daft, thanks.

Fuck akamai... if any software delivery system or service is slow for me because of content distribution tomfoolery, I simply won't use it. I would never have anything to do with iAnything in the first place, though.

Most ISP's DNS servers suck... and the whole reason I started using OpenDNS is because the ISP's were slow to respond, and the primary was often out and there were delays until the resolvers queried the secondary.

Hell, even my ISP's DNS servers that I would otherwise get assigned aren't exactly local.

A big, fat, monopolistic communications company that didn't get broken up on our side of the fence (in Canada) that doesn't care about their customers. Unfortunately it's the best Internet connection (DSL) I can get where I live. I could throw a stone and hit houses on nearby streets that have fiber, but they aren't bringing it to me because there's nothing but dead people that live on my street. (and the rest are just summer cottages)

DNS is only meant to be used for resolving hostnames and IP addresses. Any other inference people choose to make from any part of it for any purpose is wrong.

Re:Good advice - Always use your ISP for DNS (0)

Anonymous Coward | more than 3 years ago | (#34719366)

Fuck akamai... if any software delivery system or service is slow for me because of content distribution tomfoolery, I simply won't use it.

You funny. You use Akamai in 90% of the places you think you do, and 80% of places you think you don't. Nice idea though.

Re:Good advice - Always use your ISP for DNS (1)

HeronBlademaster (1079477) | more than 3 years ago | (#34719162)

Use your own ISP for DNS.

When you first get a Comcast account, before you've registered your modem's MAC address with them, they give you an IP address but the DNS server they give you always points you at their registration server. Trouble is, the database that the DNS server reads out of can sometimes get out of sync with what modems are actually registered, and there's nothing Comcast's first- or second-level techs can do about it other than to tell you how to set your DNS servers manually to something else (they'll give you the IPs of the regional Comcast DNS servers). (This happened to my dad when he signed up.)

So... you'll forgive me if I'm wary of using the DNS servers my ISP gives me.

Re:Good advice - Always use your ISP for DNS (1)

Demonoid-Penguin (1669014) | more than 3 years ago | (#34719172)

This is a very widespread practice now. Use your own ISP for DNS.

Who's your ISP? Do they operate in Australia?

(currently) 3 Mobile, and Vodaphone, have very slow, and unreliable, DNS.

google.com and google.com.au averaging about 350 ms, at present neither ISP is able to resolve their own address (sigh) ping three.com.au PING three.com.au (203.37.69.133) 56(84) bytes of data. ^C --- three.com.au ping statistics --- 25 packets transmitted, 0 received, 100% packet loss, time 2015ms and that's while using a three connection! (how does that work?)

BigPuddle doesn't resolve address URL's that google DNS does (wikileaks, piratebay, and others)

I use a DNS cache on the firewall, pointed at googledns. I'll have to try opendns and compare.

Dunno about iTunes...

Re:Good advice - Always use your ISP for DNS (1)

aiht (1017790) | more than 3 years ago | (#34719294)

ping three.com.au
PING three.com.au (203.37.69.133) 56(84) bytes of data.


^C
--- three.com.au ping statistics ---
25 packets transmitted, 0 received, 100% packet loss, time 2015ms

But that did resolve.
I'm confused... are we talking about DNS lookups or ping?

Anyway, three.com.au doesn't respond to ICMP Echo Requests, no matter which ISP you're connected to. Many sites don't.*
If you want to test connectivity to a website, telnet to port 80.

* iinet.net.au, westnet.com.au, internode.on.net, bigpond.com.au - all allow pings.
three.com.au, vodaphone.com.au, virginmobile.com.au, telstra.com.au - all block pings.

Re:Good advice - Always use your ISP for DNS (1)

crusty_architect (642208) | more than 3 years ago | (#34719342)

BigPond actually has the most robust DNS infrastructure in Australia..

Re:Good advice - Always use your ISP for DNS (1)

d6 (1944790) | more than 3 years ago | (#34719192)

my (former) ISP took a looooong time to patch that poisoning exploit last year. I quit using them for DNS then.

Re:Good advice - Always use your ISP for DNS (3, Interesting)

Z00L00K (682162) | more than 3 years ago | (#34719298)

I already do, and since my ISP censors the internet through their DNS there is no alternative to go back to them.

And a cleaned up version of my config. It doesn't involve the ISP at all but queries the root servers on the net instead.

And as long as the ISP:s doesn't filter the DNS requests to the root servers this is the way to go right now.


options {
                allow-query {
                                127.0.0.1;
                                192.168.0.0/16;
                };
                directory "/var/named";
                pid-file "/var/run/named/named.pid";
                recursion yes;
                dnssec-validation no;
};

key mykey. {
                algorithm HMAC-MD5;
                secret "** Secretas... ***";
};

zone "." {
                type hint;
                file "root.hints";
};

zone "int.anon.org" {
                type master;
                allow-update { key mykey.;};
                file "int.anon.org.db";
                notify yes;
};

zone "1.168.192.in-addr.arpa" {
                type master;
                allow-update { key mykey.;};
                file "1.168.192.db";
                notify yes;
};

zone "localdomain" {
                type master;
                file "localhost.db";
                notify no;
};

zone "0.0.127.in-addr.arpa" {
                type master;
                file "0.0.127.db";
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
                type master;
                file "ip6.local.db";
                allow-update { none; };
};

Re:Good advice - Always use your ISP for DNS (1)

Z00L00K (682162) | more than 3 years ago | (#34719306)

Sorry - It should have read use your own DNS...

Re:Good advice - Always use your ISP for DNS (1)

mysidia (191772) | more than 3 years ago | (#34719444)

This is a very widespread practice now. Use your own ISP for DNS.

Your ISP uses the same DNS servers nationwide.. so how exactly do you think this is better than using Google or OpenDNS DNS servers?

Alternate solution (-1)

Anonymous Coward | more than 3 years ago | (#34718716)

Or just don't use that malware called iTunes. Horrible piece of software. Criminal that you need to install it to install Quicktime.

Re:Alternate solution (0)

Anonymous Coward | more than 3 years ago | (#34718752)

iTunes is great on the Mac.

Re:Alternate solution (1, Insightful)

Excelsior (164338) | more than 3 years ago | (#34718834)

Really? You mean on the Mac it isn't required to set up an IPhone or IPad that have no business relying on a desktop machine? You mean it isn't required I sync with it just to get Podcasts onto a device that already has internet connectivity? You mean on Mac it doesn't have a proprietary, signed procedure for syncing music to IPhone/IPod Touch/IPad, that makes it completely impossible to develop competing software without breaking the DMCA?

Sure the "ITunes experience" doesn't suck as hard on the Mac as it does on other platforms, but it still sucks. As GP says it's malware, only I would elaborate and say its malware that malicious to an entire industry.

Re:Alternate solution (0)

Anonymous Coward | more than 3 years ago | (#34718956)

"As GP says it's malware, only I would elaborate and say its malware that malicious to an entire industry." - it might not be the most optimized piece of software on earth but to call it malware just exposes you as a someone who has hopped on the anti-Apple bandwagon because it's trendy.

Re:Alternate solution (0)

Anonymous Coward | more than 3 years ago | (#34719038)

yEA But Apple still sucks I mean come on, it's trendy for a reason. I like real Apples and the company Apple doesn't taste like a nice, fine, red delicious on a sunny afternoon, its sweet nectar dripping from my chin hairs and sliding its way down my chest to my erect nipples where it pools for a moment and then gravity finally exerts the full strength of its power, drawing the sweet juices farther down towards my waiting

Re:Alternate solution (0)

Anonymous Coward | more than 3 years ago | (#34719302)

fwiw, you do not need to sync to get podcasts. you can get them directly on the iThing without using itunes. at least with the most recent ios.

Re:Alternate solution (1)

FictionPimp (712802) | more than 3 years ago | (#34718784)

Very criminal when you consider that you do NOT need to install iTunes just to install quicktime.

Re:Alternate solution (1)

hedwards (940851) | more than 3 years ago | (#34718888)

That's true. However they do require you to install quicktime in order to get the codecs, unless I'm missing something. And for whatever reason Apple insists on not using any native widgets. Which means that not only are you installing crapware, but it also looks ugly on top of that.

Re:Alternate solution (0)

Anonymous Coward | more than 3 years ago | (#34718992)

What the fuck are you smoking? The discussion is about being forced to install itunes in order to install quicktime, not the other way around.

Re:Alternate solution (1)

Jeff DeMaagd (2015) | more than 3 years ago | (#34718872)

If only ignorance is criminal too.

Maybe at one time, iTunes was the only way to get Quicktime, but if that's true, that was years ago.

http://www.apple.com/quicktime/download/ [apple.com]

I think you'd find some people saying QuickTime is criminal too, but I think that's a different discussion.

Re:Alternate solution (2)

devilspgd (652955) | more than 3 years ago | (#34719050)

You don't need to install iTunes to install QuickTime. Sadly, you do need QuickTime to install iTunes. Which is the lessor evil depends on your needs, but I'd be thrilled to have iTunes alone without QuickTime, Bonjour or the host of kernel mode crap it installs.

Re:Alternate solution (2)

dangitman (862676) | more than 3 years ago | (#34719236)

Which is the lessor evil depends on your needs,

Well, since neither Quicktime or iTunes is leased to you, I guess that means neither is a lessor evil.

Re:Alternate solution (1)

devilspgd (652955) | more than 3 years ago | (#34719274)

Fair enough.

thirst most! (0)

Anonymous Coward | more than 3 years ago | (#34718720)

yes

Re:thirst most! (1)

blai (1380673) | more than 3 years ago | (#34718880)

whose DNS were you using?

Re:thirst most! (1)

JustOK (667959) | more than 3 years ago | (#34719382)

1.2.3.45 same as my luggage uses.

Be wary of using iTunes. (-1)

Anonymous Coward | more than 3 years ago | (#34718730)

Be wary of using iTunes if, well, if... if you use iTunes.

Re:Be wary of using iTunes. (0)

Anonymous Coward | more than 3 years ago | (#34719272)

Amen! It's buying content from iTunes like highly immoral, well maybe not so immoral as buying from Amazon or a CD store, but immoral none the less.

good technical discussion of this at HN (1)

harlows_monkeys (106428) | more than 3 years ago | (#34718740)

There's some good technical discussion in the Hacker's News discussion [ycombinator.com] of this issue.

Namebench DNS tool (5, Interesting)

maggotbrain_777 (450700) | more than 3 years ago | (#34718772)

This afternoon, I found a tool from Google Code called namebench [google.com] which tests response times against multiple DNS servers and give recommendations based upon a number of query types. The results returned when checking the 'censorship tests' were interesting. Seems a number of sites (wikileaks, isohunt, stormfront) returned 'incorrect' results across DNS servers. I'm going to try this over the next couple of days and see if any of my browsing speeds improves.

You would think. (0)

SchizoStatic (1413201) | more than 3 years ago | (#34718776)

Why do they use the dns for the geo location and not the ip address itself? You would think that would make way more sense.

Re:You would think. (1)

nedlohs (1335013) | more than 3 years ago | (#34718826)

Their DNS server never knows your IP since if the name result isn't cached by the DNS server you are using then that server makes the request to them not your computer and hence they either see nothing or the IP of the DNS server you are using.

Re:You would think. (0)

Anonymous Coward | more than 3 years ago | (#34719346)

Your attempted answer is grammatically retarded and ambiguous in the extreme. Don't talk to people; it doesn't help.

Why do they use the dns for the geo location and not the ip address itself? You would think that would make way more sense.

What makes way more sense to the CDN is throughput, latency and low cost. You expect the CDN's content server to analyse the clients IP address and redirect the client to another, more optimal, server. That is a bunch of additional latency and cost that can be avoided by effectively performing the 'redirection' in DNS.

Google anticipated all this when they created their service. Google has published an IETF draft proposal that allows a client to embed part of its IP address (/24) in a DNS query. With that a client can use any compliant resolver and the CDN's authoritative server will produce the optimal response for the actual client.

Problem is the Google solution requires compliance from everyone involved; the client, or at least the client's resolver must add the partial client IP address to the query and the CDN must use this information in lieu of the resolver's address. Also, the firewalls, proxies, etc. in between must not strip this extra query information, and caches must be elaborated to include the new client info in the cache index tuple.

There are costs associated with Internet traffic. These costs are minimised by distributing content and reducing round-trips. The content distributors are going to do whatever it is they must do to achieve minimal costs. This is the cold, hard truth of the matter and what Paul Vixie or whomever else thinks doesn't automatically trump the bean-counters. If the IETF can't see their way clear to a solution that addresses the problem then the CDNs will make their own. If the Google solution is unacceptable then bring something else to the table; yapping at CDNs from the IETF peanut gallery won't help.

Re:You would think. (4, Informative)

Timothy Brownawell (627747) | more than 3 years ago | (#34718852)

They only find out your IP address after it's too late.

  1. Your computer asks a DNS resolver where the server is.
  2. The DNS resolver asks Apple's (well, Akami's) DNS server where the server is.
  3. The DNS server guesses the closest server, but all it has available to work with is the address of the resolver.
  4. Your computer uses that answer to contact the server and download whatever. If it was given the wrong server, it's too late now.

Re:You would think. (1)

crankyspice (63953) | more than 3 years ago | (#34719096)

Your computer uses that answer to contact the server and download whatever. If it was given the wrong server, it's too late now.

Why is that too late? See the IP address, issue a redirect to the appropriate server. In HTTP that's as simple as issuing a 302 response and a Location: header. (I haven't Wiresharked iTMS to see how it's connecting, but it would be a dead simple change to the protocol to insert a handshake step that occurs before the substantive transfer begins. Overhead would be negligible.)

Re:You would think. (0)

Anonymous Coward | more than 3 years ago | (#34719218)

Your making a couple of incorrect assumptions.
1. All content is delivered via HTTP. While most static content is, video streaming often using other protocols.
2. The client accessing the cdn can fallow redirects.

HTTP Live Streaming (1)

SuperKendall (25149) | more than 3 years ago | (#34719364)

Pretty sure Apple is using all HTTP Live Streaming at this point, which in fact is all based on HTTP...

Also I have worked with a lot of applications that stream or play media now, and generally it's been done over HTTP - I'd say that's more the rule than the exception.

And if an HTTP client can't follow redirects it's not really an HTTP client - that's pretty basic stuff, I can't fathom there is anything that wouldn't obey a re-direct (unless it was doing so on purpose).

Re:You would think. (1)

xnpu (963139) | more than 3 years ago | (#34719254)

Indeed. HTTP might be a bit slower and not benefit from the ISP's DNS caching, but in conjunction with the DNS method it would provide an acceptable correction method. Rather wait 1 more second for the download to start then to download at painfully low speeds.

Re:You would think. (1)

deniable (76198) | more than 3 years ago | (#34719438)

I may have to sniff some traffic going to Apple. For some reason their software updates kill our filters. I wouldn't be surprised to find they've made a 'custom' HTTP for themselves.

Re:You would think. (1)

crf00 (1048098) | more than 3 years ago | (#34719166)

I already knew this, but now it makes me think why not we instead use HTTP redirection strategy? That is, say the client hits the server directly at http://example.com/very-large-file.zip [example.com] , the server detects the client's IP and permanently redirects it to http://[location].static.example.com/very-large-file.zip [example.com] , where static.example.com is a subdomain managed by Akamai and [location].static.example.com always resolves to CDN node nearest to the specified location regardless of the client's IP address.

Re:You would think. (1)

tsj5j (1159013) | more than 3 years ago | (#34719186)

It's not too late at all.
The HTTP server can redirect you based on your location.

Just wondering.... (-1, Offtopic)

tpstigers (1075021) | more than 3 years ago | (#34718788)

Can anyone tell me how Net Neutrality would fix this?

Re:Just wondering.... (0)

Anonymous Coward | more than 3 years ago | (#34718822)

It wouldn't...?

They aren't doing network shaping through packet analysis, they are using DNS to determine which server is geographically closest to you, which (usually) causes better network speeds.

Re:Just wondering.... (1)

hedwards (940851) | more than 3 years ago | (#34718914)

It wouldn't and really shouldn't. CDNs are there to ensure that the least amount of infrastructure is used for each request. Meaning that they try to put the server as close to your physical location as possible. If anything, net neutrality would encourage this as it would be easier to have a CDN covering both Qwest and Comcast in a given region or whatever the options are in your area.

Why (1)

xaoslaad (590527) | more than 3 years ago | (#34718794)

I have to ask why they are playing games with dns rather than using some kind of LB solution to direct users to the closest server(s) based on the client ip address. Is this not feasible or is it cost prohibitive; the method theyre using seems crazy to me though i fully admit to not being up to speed on high level networking design.

Re:Why (2)

omglolbah (731566) | more than 3 years ago | (#34718866)

The beauty of the DNS "trick" is that a user requesting say "yadiyadi.com/media/cheez.mp4" in Norway would get one IP and a client in say Australia would get a completely different IP. This makes the whole CDN implementation a whole lot easier as you avoid the whole negotiation issue by having the domain resolve to different IPs based on the source of the request.

This is overly simplified of course.

It works for the vast majority of users too.

Re:Why (1)

xnpu (963139) | more than 3 years ago | (#34719268)

While it's arguably "prettier" I don't see anything wrong with old school redirects though. Either using 302's or "sourceforge" style.

Source location is a bandaid (1)

Anonymous Coward | more than 3 years ago | (#34718830)

If some of the server pools are being overloaded while others are sitting relatively load free, source location is obviously not the best choice for load balancing. Sure, it may work most of the time but I'm sure ISP's dns server locations are not equally spaced around either. I am in VA and the Comcast DNS address I have are in NJ. I guess that is not too bad but how many people from Comcast are using those same DNS addresses?

Hrmmm (0, Troll)

StripedCow (776465) | more than 3 years ago | (#34718846)

Such a basic operation, and still not working as intended? Something is terribly wrong here if you ask me...

It must be Apple's "magic" that's causing the trouble.

Re:Hrmmm (1)

mini me (132455) | more than 3 years ago | (#34718958)

It is actually a pretty complicated problem, finding the IP address of the nearest host based on a domain name, solved in a fairly elegant way.

The only problem here is that you are being passed the address near Google instead of your ISP, which means that you miss out on the benefits of finding a host nearby that is only a few hops away.

Re:Hrmmm (2)

socsoc (1116769) | more than 3 years ago | (#34719012)

Elegant? Misusing DNS to make a CDN faster isn't elegant.

Re:Hrmmm (5, Insightful)

Desert Raven (52125) | more than 3 years ago | (#34719246)

No, it's not particularly elegant. But on the other hand, split-horizon DNS is nothing new or magical either. Nor would I classify it as "abuse". The capability has been there since the early days of BIND.

In the DNS trade, we refer to it under the category of "stupid DNS tricks"

That said, it does have some significant advantages over other techniques.

#1, It's protocol-independent. Sure you can do intelligent redirects with HTTP, but not everything in the world is HTTP
#2, Even with HTTP, in order for it to work, you have to now change the name of the server, and often the links to internal content. Your initial request to www.domain.com will now have to be redirected to hostx.domain.com or www.location.domain.com etc., and links on the pages to content servers will also have to be altered. This can be confusing to end-users, and may require additional SSL certs. It's also a code maintenance issue.
#2a, While the renaming seems trivial on first glance, it has HUGE implications for search engines, etc, since those "local" servers will get indexed instead of a generic name
#2b, It also means that a calculation will have to be made by the web server deciding where to redirect you to, then the actual redirect, increasing load and latency. DNS solutions are "pre-computed" and thus do not have similar issues.
#2c, If you solve 2a by checking every request at every location, you make 2b much worse
#3, It's simple.

Downsides:

#1, Third-party DNS recursive services throw it off. (There is a proposed RFC that would allow for such recursives to pass the originating network in the request)
#2, It makes DNSSEC a right royal PITA (Much more than it already is)

Re:Hrmmm (2)

Gadget_Guy (627405) | more than 3 years ago | (#34719136)

It must be Apple's "magic" that's causing the trouble.

No, it is not Apple's fault. Anyone using Akamai would have the same problem. I think Microsoft use them for Windows Updates too.

I don't use either (1)

93 Escort Wagon (326346) | more than 3 years ago | (#34718850)

I've used our university's DNS servers as primary for over a decade, with whatever my current ISP is as secondary. I haven't had any complaints.

sounds like an apple problem (0)

Dan667 (564390) | more than 3 years ago | (#34718854)

doesn't apple still watermark all their content anyway? Seems like you should be buying it from somewhere else for both reasons.

Re:sounds like an apple problem (0, Offtopic)

greerga (2924) | more than 3 years ago | (#34718918)

"As of the January 2009 Macworld Expo, Apple has announced that all music in iTunes will be available without DRM, and encoded at the higher-quality rate of 256 kbit/s."

http://en.wikipedia.org/wiki/ITunes_Music_Store [wikipedia.org]

Re:sounds like an apple problem (2)

devilspgd (652955) | more than 3 years ago | (#34719080)

Right... Without DRM, but with a watermark (in other words, if you download a Miley Cyrus song and share it, anyone else who gets access to it can track it back to you)

That being said, I have a lot of trouble getting upset over the fact that purchased content is watermarked. As long as I'm not distributing the content, who cares?

just a thought. (-1, Flamebait)

Anonymous Coward | more than 3 years ago | (#34718934)

another solution is to avoid downloading crap from apple,........

talk's cheap fucker (-1)

Anonymous Coward | more than 3 years ago | (#34718966)

another solution is to avoid downloading crap from apple,........

Talk's cheap fucker, how about providing a superior solution?

Re:talk's cheap fucker (0)

DAldredge (2353) | more than 3 years ago | (#34719046)

Amazon's MP3 store.

Re:talk's cheap fucker (0)

Anonymous Coward | more than 3 years ago | (#34719260)

Amazon's MP3 store.

Strange world you live in, to recommend an Amazon "We delete your property" solution as "superior"

Re:talk's cheap fucker (0)

Anonymous Coward | more than 3 years ago | (#34719356)

Amazon's MP3 store.

Strange world you live in, to recommend an Amazon "We delete your property" solution as "superior"

Ding Ding! We have a winner!

Or use your own DNS (1)

La Gris (531858) | more than 3 years ago | (#34718942)

I use to setup my own DNS at home and casually use forward zones when needed. I started this when ther was that issue with redirecting non existant names.

Sure, not every one should do this as it stress load root servers and some ISP may redirect UDP/TCP 53 to their own servers. BTW, that's still my way of using DNS.

Um .. duh (0)

Anonymous Coward | more than 3 years ago | (#34718962)

This isn't Apple's fault. It's also not Akamai's fault. They're trying to provide the best user experience by directing a client to the "closest" server. This is accomplished by the global load balancer answering DNS queries with the IP address of a server that's close to the source. But, because of how DNS works, the only information they have to work with is the IP address of the client's DNS server ... not the actual client's IP address. So, if you use a DNS server that's clear across the country from you (or worse yet, one on a different continent!), you're likely to get directed to a server you don't really want to use.

M$ does it too... (1, Informative)

alanshot (541117) | more than 3 years ago | (#34718998)

Microsoft does this too. After scratching my head over the past several weeks trying to figure out why I cant download M$ files worth crap half the time, this appears to be why.

Re:M$ does it too... (0)

Anonymous Coward | more than 3 years ago | (#34719092)

What is M$? Is it some sort of FUCKING RETARDED way of typing MS? I think it is.

So the moral of the story is... (1)

CAIMLAS (41445) | more than 3 years ago | (#34719082)

So the moral of the story here is not that Google and OpenDNS services are bad, but that Apple's iTunes QoS methods are of "questionable quality" - at best.

How did this make Slashdot's frontpage, again? Maybe this should be filed as a bug report to Apple (do they read those?) instead.

To who again? (1)

SuperKendall (25149) | more than 3 years ago | (#34719374)

The moral the the story would appear to be that more people on Slashot need to read up on what CDN's are and who runs them.

Multiple DNS feature? (2, Interesting)

Anonymous Coward | more than 3 years ago | (#34719102)

Seems like it would be useful to use multiple DNS servers and then choose whichever one has the fastest download and abandon the other connections.

Do any browsers/OSs/whatever have this feature? As I understand it, the secondary DNS feature only uses the secondary server when the primary server is down.

And how is this news? (2)

xnpu (963139) | more than 3 years ago | (#34719202)

This applies to tons of GEO-optimized services and has been this way since day one. Really, how is this news?

Re:And how is this news? (4, Interesting)

xnpu (963139) | more than 3 years ago | (#34719216)

BTW - Remember when Google proposed to modify the DNS protocol to pass on the end-users IP? This is exactly why.

Old news, you've just figured this out? (0)

Anonymous Coward | more than 3 years ago | (#34719308)

Let me get this right, you've just figured this out? People have been using DNS and IP based location load balancing for years google, yahoo, facebook, limelight networks, akamai you name it is doing it ie. content delivery networks and ip aka location based load balacing\site selection. e. Getting the content closer to the end users, improving experience, tayloring experience based on location. I remember for quite awhile several years google's appliances though apnic netblock was taiwan based, eventually databases were updated with the correct country code being attached to the allocation directing content to the correct country based experience. Old news.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>