upvote

points

by jedberg7 hours ago |
comments
upvoteby progbits6 hours ago|
next
[-]
ISP DNS servers really ought to be banned, they are always so bad. I've seen traffic days later on a record with 1 hour TTL. In general I see like 50% traffic move after the initial 1-2x TTL interval, another 40-45% over next several hours up to one day, and then the last 5-1% can take forever.

For round-robin, I've actually had it work reasonably well for API usage. Of course it's not ideal, but when I wanted to roll out new things slowly over several days and could not use a load balancer or reverse proxy, it kind of worked. I think most API users are just running with a reasonable resolver and not residential ISP ones.

reply
upvoteby jedberg6 hours ago|
parent|
[-]
When I moved reddit from one datacenter to another, about 70% of the traffic shifted within the TTL. Another 20% moved within a week. Took till the end of a month after the change to get to about 98%

But after two months, about 1% was still going to the old server (I had set it up as a proxy for the cutover). Most of that traffic looked like crawlers that were written in things like Python or Ruby and had probably hard coded the IP or done something where it just didn't know what a TTL was.

So at that point I just shut down the old server.

You're probably right about API clients using better resolvers though. I was talking about consumer facing things where a lot of people would be on ISP DNS.

reply
upvoteby DyslexicAtheist2 hours ago|
prev|
[-]
> It's the people who think they are clever and try to make things better by making them worse.

you mean DNSSEC, right? RIGHT?

reply
upvoteby jedberg1 hours ago|
parent|
[-]
I didn't actually. :). I meant people who change their DNS server or client (usually server) to do "clever" or "more efficient" things.

DNSSEC at least has its own RFC and uses the TXT record, which was added to DNS specifically for this kind of use case.

reply