November 16

by Kaj Kandler

In recent months I noticed that I had rather slow ping times to www.google.com or mail.google.com. The latency to Google’s servers was in the 200 – 300 ms range. In addition, I noticed that when my workstation was on the corporate VPN, I had *.google.com pings of < 40 ms. As Google these days is the network contacted by so many websites for analytics or as a CDN for JavaScript, etc., it is of vital importance to have a fast connection to Google.

Some quick analysis revealed that a typical traceroute to www.google.com from my home went through 12 hops of Internet and then another 17 hops in Google's network, and the latency jumped by 100 ms four hops into Google's network. I found that rather odd. However, when I'm on the corporate VPN, the number of hops inside the Google network shrinks to 6-8 and their latency is much smaller. I also noticed that www.google.com had a different IP address if I used the corporate network. Measuring the latency to the IP address that I got when on the VPN showed similar latency and traceroute results. So my configured DNS servers were to blame.

Back when Verizon started to break the DNS protocol in their servers, I had configured some public DNS servers from Level 3, namely 4.2.2.2 and 4.2.2.5, as they had the best latency at the time. I had to reconsider that decision.

Armed with a free open source tool named namebench, I found the fastest DNS servers available for my connection. But it turned out that their IPs for *.google.com were as bad as the previous ones. So I tested the two name servers that Verizon configures automatically, and they provide IP addresses with 20 – 40 ms ping times and much shorter traceroutes. I guess with multi homing the Internet’s architecture has fundamentally changed.

That said, Verizon still uses an intentionally broken implementation of DNS, which does not return a failure if a request can’t be resolved; instead it returns its own web server. I almost considered leaving it at that, as better performance seemed more important than a broken DNS. However, the usability of this “helpful” Verizon server is horrible, as it redirects to its own URL, so if I make a typo I have to essentially retype my address or edit the original request in my URL bar to correct it.

As a last resort, I tested Google’s public DNS servers 8.8.8.8 and 8.8.4.4. While Google’s DNS servers do not answer as fast as my local Verizon servers, they are only marginally slower and can deliver the proper IP addresses for the Google network without breaking the DNS protocol in the process.
