AAAA's for www.netflix.com

• Previous message (by thread): AAAA's for www.netflix.com
• Next message (by thread): AAAA's for www.netflix.com
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <5F907BC1-9344-4187-BA12-CEAF7E1C3E73 at bjencks.net>, Ben Jencks write
s:
> On Jun 6, 2012, at 10:05 AM, Frank Bulk wrote:
> 
> > I started monitoring IPv6 access to www.netflix.com after seeing this
> > posting
> > =
> (http://www.personal.psu.edu/dvm105/blogs/ipv6/2012/06/netflix-is-back.htm=
> l)
> > and what I found, over the week, was that access was coming and going
> > (www.premieronline.net/~fbulk/netflix.png).  But not because of IPv6
> > connectivity, but because the AAAA's were coming and going.  Netflix's =
> DNS
> > TTL is pretty short. =20
> >=20
> > I assume Netflix has some global DNS load balancing so my perspective =
> may
> > not be complete.  Has anyone else been seeing this?
> >=20
> > I contacted a Netflix employee (he's well known on this list) and he
> > responded once but I haven't heard back since Saturday. =20
> 
> UltraDNS is doing something strange with its CNAME responses. =
> www.netflix.com is a CNAME to a name with both A and AAAA, but the =
> authoritative server for netflix.com only returns that CNAME for A =
> queries, not AAAA.

It's not strange.  IT IS BROKEN.  There is zero, nada, none, no
excuse for not returning a CNAME to the AAAA in this situation.

> So, if you do an A query first, your resolver will =
> cache the CNAME and use it for the subsequent AAAA query (returning an =
> AAAA), but if you do an AAAA query first, it will cache the no-records =
> response and return no AAAA record.
> 
> $ dig ns netflix.com
> ;; QUESTION SECTION:
> ;netflix.com.			IN	NS
> ;; ANSWER SECTION:
> netflix.com.		162	IN	NS	pdns5.ultradns.info.
> netflix.com.		162	IN	NS	pdns6.ultradns.co.uk.
> netflix.com.		162	IN	NS	pdns4.ultradns.org.
> netflix.com.		162	IN	NS	pdns2.ultradns.net.
> netflix.com.		162	IN	NS	pdns1.ultradns.net.
> netflix.com.		162	IN	NS	pdns3.ultradns.org.
> 
> $ dig @pdns1.ultradns.net. www.netflix.com
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61357
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;www.netflix.com.		IN	A
> ;; ANSWER SECTION:
> www.netflix.com.	300	IN	CNAME	=
> dualstack.wwwservice--frontend-313423742.us-east-1.elb.amazonaws.com.
> 
> $ dig @pdns1.ultradns.net. aaaa www.netflix.com
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34855
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;www.netflix.com.		IN	AAAA
> ;; AUTHORITY SECTION:
> netflix.com.		1800	IN	SOA	dns.netflix.com. =
> nicadmin.netflix.com. 2012060120 900 600 1209600 1800
> 
> -Ben=
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

• Previous message (by thread): AAAA's for www.netflix.com
• Next message (by thread): AAAA's for www.netflix.com
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]