After the discussion a few weeks back about DNS performance, I asked
one
of my colleagues, Brendon Jones to add DNS performance to the gTLD/Root
servers to our Active Measurement Platform (AMP) which is already
monitoring the .nz nameservers. These have now had a while to collect
some data and show a fairly interesting (and IMHO pretty visualisation
of New Zealands DNS performance)
* http://erg.cs.waikato.ac.nz/amp/matrix.php/latency/NZ/NZ+DNS
For starters, we've in the past measured performance to the .nz ccTLD name servers to track their
performance within New Zealand. This shows a pretty healthy coverage
for .nz. Full marks to all the people who have done the hard work to
make this happen.
* http://erg.cs.waikato.ac.nz/amp/matrix.php/hops/NZ/NZ+DNS
This in comparison shows how many
hops we see in a traceroute to the .nz ccTLD
servers.
All the New Zealand name servers are firewalled in such a way we can't get an accurate count,
but this at least provides a lower bound.
You can see people who don't peer at WIX don't see the near instance of
ns7.
* http://erg.cs.waikato.ac.nz/amp/matrix.php/latency/NZ/root+DNS
* http://erg.cs.waikato.ac.nz/amp/matrix.php/hops/NZ/root+DNS
Second up, we added a test to all of our measurement points to the Root
Servers. This shows quite distinctively that there are several places
in New Zealand whose peering policy means that they don't see some, or
in the case of Otago Uni's CS Dept, any, New Zealand based instances.
vuw interestingly doesn't appear to be able to contact any f.root
instance at all. New Zealand seems to be fairly well covered with F,
I, J and even a fairly close K root.
* http://erg.cs.waikato.ac.nz/amp/matrix.php/latency/NZ/gtld+DNS
* http://erg.cs.waikato.ac.nz/amp/matrix.php/hops/NZ/gtld+DNS
This shows the same visualisation to all of the gTLD servers. This
shows a much more unhappy view of New Zealand. Our monitoring points
are quite biased towards universities which generally prefer KAREN,
which has poor coverage (which appears to be due to KARENs policies)
and
thus show very poor numbers. However it doesn't paint a particularly
rosy picture for much of the rest of New Zealand either, with Maxnet
and
TheLoop also failing to find any instances anywhere near New Zealand at
all.
* http://erg.cs.waikato.ac.nz/amp/matrix.php/latency/NZ/afilias+DNS
* http://erg.cs.waikato.ac.nz/amp/matrix.php/hops/NZ/afilias+DNS
Afilias provide nameserving for several zones including .org/.mobi and
so on. Right this instant TelstraClear doesn't appear to be able to
get to b0.org.afilias-nst.org at all, so again many of the
universities show failures, although this time it doesn't appear to be
routing issues with KAREN.
Also, just as we were setting up collecting some test data (but
unfortunately not traceroute data), KAREN coincidentally had a major
outage in Hamilton which impacted the University of Waikato. This let
us see what happens when KAREN's routes aren't available:
(See? Unscheduled outages /can/ have an upside!)
http://erg.cs.waikato.ac.nz/amp/graph.php?src=ampz-waikato&dst=b.root-servers.net&rge=1-day&date=2010-05-25
http://erg.cs.waikato.ac.nz/amp/graph.php?src=ampz-waikato&dst=e.root-servers.net&rge=1-day&date=2010-05-25
http://erg.cs.waikato.ac.nz/amp/graph.php?src=ampz-waikato&dst=j.root-servers.net&rge=1-day&date=2010-05-25
http://erg.cs.waikato.ac.nz/amp/graph.php?src=ampz-waikato&dst=k.root-servers.net&rge=1-day&date=2010-05-25
This shows that if we don't have KAREN routes available, then our
performance to b, e, j and k root *improves*,
Sigh.
Also our performance to F root degrades as our commodity
internet connection suddenly has to handle the additional load: http://erg.cs.waikato.ac.nz/amp/graph.php?src=ampz-waikato&dst=f.root-servers.net&rge=1-day&date=2010-05-25
So, all in all, New Zealand's DNS Performance is better than I had seen
(my two measurement points inside Waikato University and Rurallink were
two of the worst to choose from, Rurallink doesn't yet host an AMP node
so doesn't appear here).
Hopefully KAREN will in the future consider hosting/peering directly
with at least a root server, and NZ ccTLD server so if an Universities
commidity connection falls over then you can still resolve (and
therefore create new connections to) other research institutions. KAREN
could either start not accepting "scenic" routes from other R&E
networks for other anycast instances of Root/gTLD/ccTLD servers, or
provide access to them via less amusing routes by increasing their
peering.
People who don't peer at WIX miss out on the instances hosted there.
If you're not peering, some of your customers are getting slower
results for DNS lookups than necessary making web pages take longer, to
load, and thus your service appear to be slower. Yet another reason to
improve your peering.
Ideas and comments welcomed!