On Tue, 2010-07-13 at 21:40 -0400, Patrick W. Gilmore wrote:
Akamai choses where to serve people based on latency, packet loss, and throughput. If the latency over your transit provider is slightly lower than the latency over a 'free' path, we will still pick the transit provider - many times. We can influence that decision if you ask us, assuming that 1) we are allowed to serve you over the free path, and 2) the free path has acceptable performance characteristics.
Given the data I have, it would seem that the networks with the 'closer' caches probably do not have in their list of allowed prefixes. It may be that the cache we are using now is hosted with the only one that has bothered to put our prefixes in their list.
Now, back to the on-net caches. The network with the on-net node gives us an ACL (usually through a BGP session to one of our Quagga boxes) of which users are allowed to use that node. Any request from an IP address outside that ACL will not be directed to the on-net cache.
Ideally someone from Callplus could chirp in here and clarify if they are feeding all the prefixes they learn at APE on to Akamai, or if there is a static list that will become out of date etc.
So when you configure your RNS to forward to another provider's RNS without their permission, you are really circumventing the agreement we have with that provider. It is the same as sending a packet to Provider 1 which is destined for Provider 2. Even if Provider 1 & Provider 2 peer, it is still really bad Netiquette at best, and many would call it far worse. (Including me.)
Understood. Even without taking into account that you are in effect pinching traffic off the network hosting the cache, I can see that it is risky to forward to a dns server ( perhaps of a competitor! ) that could block you at any point or answer your requests with the IP of an iPhone somewhere in outer mongolia.
And, of course, if you know a network which has an Akamai node, you can always ask them to add your AS / prefixes to the ACL. We have no problem serving you from any node that gives us permission to serve you.
This looks like the best route for us to go down, hopefully I can find someone responsible for the Akamai racks in each of the networks involved =)
Hopefully this answered many people's questions. If anything was unclear, please let me know.
Thanks a heap for the comprehensive reply. I couldn't find a pointer to the NetSupport-tix(a)akamai.com address other than in the context of us being an organisation with our own Akamai rack, this should clear everything up from my perspective. Cheers, -- Lincoln Reid Head of Networks ACSData - AS18119 lincoln(a)acsdata.co.nz Phone: +64 4 939 2200 Fax: +64 4 939 2201