ISP network design of non-authoritative caches

Sean Donelan sean at
Sat Nov 17 10:48:03 UTC 2001

On Sat, 17 Nov 2001, Bill Woodcock wrote:

>     > During the boom times, ISPs couldn't individually configure millions
>     > of DNS clients.  They generally told subscribers to use two statically
>     > configured name servers.
> Many of them, like us, tell subscribers to use two statically configured
> _service addresses_ which describe the internal-DNS _service_, and are
> resident on all customer-facing DNS servers throughout our infrastructure.

Some ISPs do this; it's fairly easy to check.  It is one of several
methods an ISP could use.  Is there a paper, book, etc. which we could
give to ISPs documenting such practices?  Or do you have to hire the
right consultant, who knows the proper incantation?

If you look at some of the largest consumer ISPs which outsource much of
their infrastructure, they don't have customer-facing servers distributed
throughout their infrastructure.  Or they distribute customers among the
servers using a very unusual algorithm.

I'm using Mindspring/Earthlink tonight, and my DNS resolver is using
a server in Dallas (if you believe the traceroute).
Earthlink could intercept the DNS/UDP packets to port 53 and route
them differently, but I don't think that's true.

Tracing route to []
over a maximum of 30 hops:

  1    98 ms    88 ms    94 ms []
  2    95 ms    99 ms    99 ms []
  3   110 ms   103 ms   104 ms []
  4   105 ms   103 ms   104 ms []
  5   130 ms   114 ms   119 ms []
  6   150 ms   159 ms   148 ms []
  7   150 ms   149 ms   149 ms []
  8   150 ms   154 ms   155 ms []
  9   160 ms   154 ms   153 ms []

ATT Worldnet appears to have more DNS caching name servers spread
around the country, but I get assigned servers in Missouri and DC
when I dial into a California POP.  The RTT matches a coast to coast
