On Wed, 2010-05-19 at 20:01 +0000, Philip D'Ath wrote:
I have a classic example that happens to me regularly. I have a client in the UK. If I VPN into their site, so I am using their DNS servers but my local Internet connection, I can't get to some sections of Microsoft's web site.
Is this just a mismatch between a cache which has a defined customer base ( something like "Everyone peered at $IX", or "Customers of $TELCO" ) and having the dns request come from within that scope, but then the actual request coming from somewhere else? So the failure is due to the cache only having access to a small local routing table and no transit to get back to your network. Luckily our transit ( really paid peering grumble, grumble ) services with two large .nz telco's probably put us in the customer category with them, so in theory at least we shouldn't have trouble using either of their caches. Also I would expect that if CallPlus are advertising the prefix for their Akamai cache to APE, then the cache should at least have access to our advertisements at APE for traffic in the other direction. Overall, the DNS forwarding thing seems like something that will cause pain at some point, so it would be great to be able to do something cleaner. Cheers, -- Lincoln Reid Head of Networks ACSData - AS18119 lincoln(a)acsdata.co.nz Phone: +64 4 939 2200 Fax: +64 4 939 2201