Re: DNS Based Load Balancers
On Sun, 2 Jul 2006, Patrick W. Gilmore wrote: Would you mind giving us a little more to go on than the love of god before making strategic architectural decisions? Just in case we like to decide things for ourselves. :) Patrick, I am sorry if I have hit a nerve with you- it seems you've got a vested interest in the answer to this question, and I appreciate your position. For instance, was F5's implementation flawed, or do you have a reason to dislike the basic idea? And why? For the record, what I _should_ have advised the OP was for the love of god, don't try to do this yourself with an appliance. I wholeheartedly encourage him to give his local Akamai sales rep a call. I am sorry for the confusion and angst my brevity has caused. cheers, matto [EMAIL PROTECTED]darwin Moral indignation is a technique to endow the idiot with dignity. - Marshall McLuhan
RE: DNS Based Load Balancers
Matt, A few quick questions for you, if you got the time to answer it would be appreciated (questions inline): -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Ghali Sent: 04 July 2006 07:21 To: Patrick W. Gilmore Cc: nanog@merit.edu Subject: Re: DNS Based Load Balancers On Sun, 2 Jul 2006, Patrick W. Gilmore wrote: Would you mind giving us a little more to go on than the love of god before making strategic architectural decisions? Just in case we like to decide things for ourselves. :) Patrick, I am sorry if I have hit a nerve with you- it seems you've got a vested interest in the answer to this question, and I appreciate your position. For instance, was F5's implementation flawed, or do you have a reason to dislike the basic idea? And why? For the record, what I _should_ have advised the OP was for the love of god, don't try to do this yourself with an appliance. I wholeheartedly encourage him to give his local Akamai sales rep a call. I am sorry for the confusion and angst my brevity has caused. We work with a couple of different technologies here - our own GSS's, cache farms and also external CDNs (for overflow). This is currently and area that is currently under evaluation for a quite significant expansion. Are you able to give some kind of description as to the problems you experienced whilst using your own appliances? It would be very useful to be able to avoid making the same mistakes. Sam
Re: DNS Based Load Balancers
On 7/4/06, Sam Stickland [EMAIL PROTECTED] wrote: Matt, A few quick questions for you, if you got the time to answer it would be appreciated (questions inline): -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Ghali Sent: 04 July 2006 07:21 To: Patrick W. Gilmore Cc: nanog@merit.edu Subject: Re: DNS Based Load Balancers On Sun, 2 Jul 2006, Patrick W. Gilmore wrote: Would you mind giving us a little more to go on than the love of god before making strategic architectural decisions? Just in case we like to decide things for ourselves. :) Patrick, I am sorry if I have hit a nerve with you- it seems you've got a vested interest in the answer to this question, and I appreciate your position. For instance, was F5's implementation flawed, or do you have a reason to dislike the basic idea? And why? For the record, what I _should_ have advised the OP was for the love of god, don't try to do this yourself with an appliance. I wholeheartedly encourage him to give his local Akamai sales rep a call. I am sorry for the confusion and angst my brevity has caused. We work with a couple of different technologies here - our own GSS's, cache farms and also external CDNs (for overflow). This is currently and area that is currently under evaluation for a quite significant expansion. Are you able to give some kind of description as to the problems you experienced whilst using your own appliances? It would be very useful to be able to avoid making the same mistakes. Sam As someone who has also deployed GSLB's with hardware applicances I would also like to know real world problems and issues people are running into today on modern GSLB implementations and not theoretical ones, as far as I can tell our GSLB deployment was very straight forward and works flawlessly. -- Rodrick R. Brown
Re: ICANN at risk
On Mon, 3 Jul 2006, Jeremy Kister wrote: With three days left and no mention of it from the folks that matter, I'm referring NANOG readers to: http://www.ntia.doc.gov/ntiahome/frnotices/2006/NOI_DNS_Transition_0506.htm note the notes already sent in: http://www.ntia.doc.gov/ntiahome/domainname/dnstransition.html note the multiple copies of email-only carbon-copy submissions? :( Not that I happen to disagree very much with the carbon copies, but it seems a little obviously a copy/paste job :( -Chris
Re: ICANN at risk
On 7/4/06, Christopher L. Morrow [EMAIL PROTECTED] wrote: note the notes already sent in: http://www.ntia.doc.gov/ntiahome/domainname/dnstransition.html note the multiple copies of email-only carbon-copy submissions? :( Not that I happen to disagree very much with the carbon copies, but it seems a little obviously a copy/paste job :( Milton Mueller was encouraging people to astroturf the NTIA and they're doing it. http://www.circleid.com/posts/send_a_message_to_ntia/ Sad that moveon.org style tactics like this should be used to make what is otherwise fairly sane and reasoned commentary. -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: ICANN at risk
On Tue, 4 Jul 2006, Suresh Ramasubramanian wrote: On 7/4/06, Christopher L. Morrow [EMAIL PROTECTED] wrote: note the notes already sent in: http://www.ntia.doc.gov/ntiahome/domainname/dnstransition.html note the multiple copies of email-only carbon-copy submissions? :( Not that I happen to disagree very much with the carbon copies, but it seems a little obviously a copy/paste job :( Milton Mueller was encouraging people to astroturf the NTIA and they're doing it. http://www.circleid.com/posts/send_a_message_to_ntia/ Sad that moveon.org style tactics like this should be used to make what is otherwise fairly sane and reasoned commentary. one man's thoughts spewed by the multitudes :( I do hope that, again despite the fact that I support a 'not us govt agency incharge' and the closest we have is ICANN (despite it having some warts), the DOC/NTIA spends some time reviewing the results and does something sane with the mass-entries such as these. -Chris
Re: ICANN at risk
On 7/4/06, Christopher L. Morrow [EMAIL PROTECTED] wrote: one man's thoughts spewed by the multitudes :( I do hope that, again despite the fact that I support a 'not us govt agency incharge' and the closest we have is ICANN (despite it having some warts), the DOC/NTIA spends some time reviewing the results and does something sane with the mass-entries such as these. People on both sides of the political spectrum have been playing silly buggers with boilerplate email for the last several years now. And with boilerplate letters and faxes for decades before that. Anyway the side with the highest paid lobbyists, or the ear of the most senators wins. So who cares? :) -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: ICANN at risk
The timing is interesting, given that DENIC and Nominet have recently come to an agreement of sorts with ICANN. Tony. -- f.a.n.finch [EMAIL PROTECTED] http://dotat.at/ SOUTH FITZROY: NORTHWEST 4 OR 5. SHOWERS. GOOD.
Re: ICANN at risk
Interesting timing, indeed, considering the UK is beginning (again?) to examine alternatives -- and Nominet playing a role there, too: http://technology.guardian.co.uk/news/story/0,,1812343,00.html - ferg -- Tony Finch [EMAIL PROTECTED] wrote: The timing is interesting, given that DENIC and Nominet have recently come to an agreement of sorts with ICANN. Tony. -- f.a.n.finch [EMAIL PROTECTED] http://dotat.at/ SOUTH FITZROY: NORTHWEST 4 OR 5. SHOWERS. GOOD. -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: ICANN at risk
On Tue, 4 Jul 2006, Fergie wrote: Interesting timing, indeed, considering the UK is beginning (again?) to examine alternatives -- and Nominet playing a role there, too: http://technology.guardian.co.uk/news/story/0,,1812343,00.html So, with ICANN 'now' starting to forge alliances and make partnerships, despite some possibly bad moves early on, and despite some overly heavy handedness on the USGov's part over the years. Is 'no more ICANN' really a good move? Jay seems to make a good point, the devil you know vs the 'new' devil :( Would some/all of the ICANN situation been different had the USGov't just walked away one day one? -- Tony Finch [EMAIL PROTECTED] wrote: The timing is interesting, given that DENIC and Nominet have recently come to an agreement of sorts with ICANN.
RE: DNS Based Load Balancers
As someone who has also deployed GSLB's with hardware applicances I would also like to know real world problems and issues people are running into today on modern GSLB implementations and not theoretical ones, as far as I can tell our GSLB deployment was very straight forward and works flawlessly. GSLB based on DNS have one significant shortcoming that moone here has yet mentioned: they are performing their magic on the location of the _nameserver_ that issued the query. this can be VERY different to that of the ACTUAL location of the client. for example, Akamai always sends to off to a serverfarm in Northern California, because that's where my DNS query is originating from. that is almost the exact opposite side of the planet from where I'm coming from... irony is that there is an akamai cluster about 10 feet away from where my [subsequent] http requests originate from... sure - perhaps this isn't the norm - split-tunnel VPNs being what they are - but it's a perfect example of why GSLB based on DNS ain't perfect. cheers, lincoln.