From owner-freebsd-hubs@FreeBSD.ORG Mon Mar 3 05:21:55 2014 Return-Path: Delivered-To: hubs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 46EDD778 for ; Mon, 3 Mar 2014 05:21:55 +0000 (UTC) Received: from mail1.riverwillow.net.au (mail1.riverwillow.net.au [IPv6:2001:8000:1000:1801::36]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4196DA05 for ; Mon, 3 Mar 2014 05:21:36 +0000 (UTC) Received: from rwpc15.gfn.riverwillow.net.au (rwpc15.gfn.riverwillow.net.au [IPv6:2001:8000:1000:18e1:20c:76ff:fe0a:2117]) (authenticated bits=56) by mail1.riverwillow.net.au (8.14.8/8.14.8) with ESMTP id s235LC3k064407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 3 Mar 2014 16:21:14 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=riverwillow.com.au; s=m1001; t=1393824075; bh=YaVoTj2szcFqZBDGAj5jzGmmcLw0tS9GPSr2p62Lkog=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=yPLwKqlx5xAblN9P0CX/RBLfwvV6BppwANlFpuhMJWjmhboyhIxq60F+HOF2Qzskm njPsyxApclFm4YDOxzRPjvKpEWBjoN15qVDbJqflylhvhMBWsGTj5ugJ7Wyo/dSwwL XWggmjcGGeW3kBZqtcywuXY3sewyYlrmlxzpCbeA= Date: Mon, 3 Mar 2014 16:21:12 +1100 From: John Marshall To: Peter Losher Subject: Re: Future of DNS, DNSSEC, country code delegations, etc. Message-ID: <20140303052112.GD1429@rwpc15.gfn.riverwillow.net.au> References: <530C59D7.30204@wemm.org> <20140303033742.GC1429@rwpc15.gfn.riverwillow.net.au> <6C6F05BA-7BE5-43F6-96D1-FA184ACBF28B@isc.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="veXX9dWIonWZEC6h" Content-Disposition: inline In-Reply-To: <6C6F05BA-7BE5-43F6-96D1-FA184ACBF28B@isc.org> OpenPGP: id=A29A84A2; url=http://pki.riverwillow.com.au/pgp/johnmarshall.asc User-Agent: Mutt/1.5.22 (2013-10-16) Cc: hubs@freebsd.org X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "FreeBSD Distributions Hubs: mail sup ftp" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 05:21:55 -0000 --veXX9dWIonWZEC6h Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, 02 Mar 2014, 20:20 -0800, Peter Losher wrote: > On 2 Mar 2014, at 19:37, John Marshall wrote: >=20 > >> We (freebsd.org) use ISC's global anycasted ISC-SNS dns servers. In o= ur > >> experience they have excellent coverage around the world so we'd prefe= r to > >> fold the *.cc.freebsd.org zone into the main freebsd.org zone (like > >> wwwN.us.freebsd.org and ftpN.us.freebsd.org are right now). Actual > >> sub-zones could be done if there's a regional reachability problem but= I > >> would rather not unless we absolutely had to. > > > > The ISC-SNS servers are, at best, ~200ms from Australia; but that is > > better than we could expect from anything else inter-continental. >=20 > FWIW, we (ISC) do have SNS DNS nodes via one of our network partners (ns3= =2Eisc-sns.info) in Hong Kong and Singapore so they are in region, but it's= dependent on the routing table and your ISP's peering arrangements. For e= xample Telstra routes it all back to the US; Optus, Vocus & AAPT among othe= rs routes it to the Asian nodes. =20 >=20 > YMMV. (I'll save folks the peering politics lecture) Thank you, Peter, for that helpful additional information. While it is true that the Mileage May Vary, it doesn't make much of a difference to the network latency. I did some objective digging based upon your information and here are some real numbers showing the final two hops of traceroutes to each of the three isc-sns nodes. =46rom a Telstra-connected host in NSW AU --------------------------------------- IPv4 ---- 11 10ge1-4.core1.sjc1.he.net (72.52.92.117) 181.823 ms 187.290 ms 181.8= 16 ms 12 ns1.isc-sns.net (72.52.71.1) 182.271 ms * 182.590 ms 12 vl3512.na11.b002695-3.lax07.atlas.cogentco.com (38.20.46.42) 213.522 ms 13 ns2.isc-sns.com (38.103.2.1) 212.224 ms 210.093 ms 210.344 ms 10 if-4-28.tcore2.LVW-Los-Angeles.as6453.net (216.6.84.53) 210.467 ms * * 11 ns3.isc-sns.info (63.243.194.1) 202.985 ms 204.370 ms 201.820 ms IPv6 ---- 11 10ge1-4.core1.sjc1.he.net 216.824 ms 226.081 ms 221.686 ms 12 ns1.isc-sns.net 217.777 ms 218.074 ms 219.732 ms 8 if-xe-8-2-2.0.tcore1.TV2-Tokyo.ipv6.as6453.net 151.741 ms 151.809 ms = 169.409 ms 9 2405:2000:400::5 177.701 ms 180.904 ms 177.386 ms 10 ns3.isc-sns.info 179.070 ms 177.514 ms 177.479 ms =46rom a VOCUS-connected host in QLD AU ------------------------------------- IPv4 ---- 13 10ge1-4.core1.sjc1.he.net (72.52.92.117) 168.504 ms 168.319 ms 170.7= 62 ms 14 ns1.isc-sns.net (72.52.71.1) 169.328 ms 168.419 ms 168.905 ms 14 vl3812.na11.b002695-3.lax07.atlas.cogentco.com (38.20.46.50) 182.269 ms 15 ns2.isc-sns.com (38.103.2.1) 180.041 ms 180.140 ms 180.148 ms 14 if-3-2.tcore1.HK2-Hong-Kong.as6453.net (180.87.112.5) 150.309 ms 150.= 212 ms 149.295 ms 15 ns3.isc-sns.info (63.243.194.1) 150.134 ms 151.653 ms 162.848 ms IPv6 ---- 10 10ge1-4.core1.sjc1.he.net 176.160 ms 187.304 ms 176.597 ms 11 ns1.isc-sns.net 176.439 ms 176.228 ms 176.412 ms 9 globeinternet-as6453.gigabitethernet3-19.core1.lax1.he.net 176.537 ms = 176.178 ms 176.355 ms 10 ns3.isc-sns.info 176.813 ms 176.450 ms 176.454 ms There seems to be a common global misconception that Asian countries are somehow "in region" for Australia, New Zealand and the South Pacific. That is certainly not the case with respect to the Internet. Given a choice between using a mirror in Singapore and a mirror in San Francisco, I would pick the San Francisco option. The plumbing between here and the USA yields better results. --=20 John Marshall --veXX9dWIonWZEC6h Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iEYEARECAAYFAlMUEUgACgkQw/tAaKKahKLEYACdELmmprZPbnTbZd/cwxD3/zds BE4AoI0s3jySFN0N0hJ4WAKuytdS/hEH =+9vF -----END PGP SIGNATURE----- --veXX9dWIonWZEC6h--