Strange routing to CDN sites

Doing an eval for an education client and having some weirdness:

Debug file: https://nextdns.io/diag/da996380-f60f-11eb-8e90-f74767f2f868

I do a bunch of MTRs to different sites to monitor the routing to known CDNs and compare the results to different providers (Google, Quad9, Level3, OpenDNS).

I'm under one millisecond away from your SJC location.  All the test CDN services I'm using are local (facebook, instagram, cnn, etc).  All are within 10ms away.

An hour ago everything was testing fine and directing to local resources.  Late last night when I was testing and again right now, I'm getting redirected from San Jose to NYC and other East Coast locations.  It seems to flake to the wrong ones more frequently than the correct ones.

Ok, an hour ago facebook.com was directing to San Jose. 15 minutes ago it was going to NYC. Now it's routing to Atlanta.

I can correct this by just switching upstream DNS providers who seem to be getting the ECS messages properly or they are at least routing them to a nearby CDN.

Does NextDNS support ECS/EDNS subnet information to send clients to the closest CDN?  Or is there something wrong with my particular node (vultr-sjc-1 and 45.90.28.168) that it keeps tossing me to the east coast for resources that are 100ms further away than they are locally?

Just now to test I turned off "Anonymized EDNS Client Subnet" and I'm resolving to the right CDNs now.  Is that really the issue?  I'm guessing the anonymizing is just rolling up the source IP into a bigger subnet so it's geo, but not exactly.  Is removing that the solution?  Could just be coincidence in my testing right now.

Maybe anonymizing it into a supernet rolled it up too far and the DNS could no longer geolocate it.  That might make sense.  In any case, I have no issue leaving it off.

Thanks!  Hoping this is all it is, as I like the service otherwise, it's really well done.

1 reply

    • NextDNs
    • 2 yrs ago

    Please turn EDNS back on and do the following dig command for the domains with issues:

    dig chaos <domain>

    This might not work depending on how you set up NextDNS. If it does not, please add +tcp or tell us more about your setup.

    We are interested in the smart-ecs.nextdns.io. and client.nextdns.io. records (please send them over DM).
