Question about use of cname in Google's services
Hello everyone

Someone asked me a question on why Google uses cname for their services anyways? I mean I get it that for Google Apps customers it makes sense to have mail.domain.com pointed to a cname rather than A record to a host which may die.

But why for their own services? Like e.g. "mail.google.com" is cname to googlemail.l.google.com. and googlemail.l.google.com. eventually returns A record. This adds up one extra step in resolution and I wonder why Google does it this way? What advantage they get? Or what advantage they miss if they simply return record which I am getting for googlemail.l.google.com. directly as A record for mail.google.com?

Curious to hear your thoughts.

Thanks!

-- Anurag Bhatia anuragbhatia.com
Anurag,

At 2016-06-04 02:52:46 +0530 Anurag Bhatia <me@anuragbhatia.com> wrote:
> Someone asked me a question on why Google uses cname for their services anyways? I mean I get it that for Google Apps customers it makes sense to have mail.domain.com pointed to a cname rather than A record to a host which may die.
>
> But why for their own services? Like e.g. "mail.google.com" is cname to googlemail.l.google.com. and googlemail.l.google.com. eventually returns A record. This adds up one extra step in resolution and I wonder why Google does it this way? What advantage they get? Or what advantage they miss if they simply return record which I am getting for googlemail.l.google.com. directly as A record for mail.google.com?

I guess that this is a CDN trick, to give different answers based on the resolver's originating IP address (or client-subnet EDNS0 information, if available).

In Beijing I get this:

$ host mail.google.com
mail.google.com is an alias for googlemail.l.google.com.
googlemail.l.google.com is an alias for mail-china.l.google.com.
mail-china.l.google.com has address 74.125.203.19
mail-china.l.google.com has address 74.125.203.18
mail-china.l.google.com has address 74.125.203.17
mail-china.l.google.com has address 74.125.203.83
mail-china.l.google.com has IPv6 address 2404:6800:4005:802::2005

The CNAME chain can send users to servers closer to where they are, and allows operators to redirect traffic to less-busy servers or even take sites offline easily.

Cheers,

-- Shane
Hi Shane

Sure, they route googlemail.l.google.com. to nearest datacenter but what prevents them from doing same with mail.google.com instead?

They return geographically closer A record for googlemail.l.google.com. but why not for mail.google.com itself?

Thanks.

-- Anurag Bhatia anuragbhatia.com
My guess is the *.l.google.com runs on a separate geo-ip aware backend DNS cluster rather than *.google.com, even though the authoritative public dns records are ns[1-4].google.com

C:\>dig www.gmail.com @ns1.google.com

;; QUESTION SECTION:
;www.gmail.com.                 IN      A

;; ANSWER SECTION:
www.gmail.com.           86400   IN CNAME mail.google.com.
mail.google.com.         604800  IN CNAME googlemail.l.google.com.
googlemail.l.google.com. 300     IN A     172.217.1.101

The TTL for the mail.google.com record CNAME is 604800 seconds, which is 7 days, as opposed to the googlemail.l.google.com A record which expires in 300 seconds, allowing Google to quickly take servers in and out of rotation as required.
A single query to the Google DNS server does return the CNAME - but it also gives the results to the CNAME. Which means, from the single packet reply, you get back the A or AAAA that you asked for. Are we really concerned over a few extra bytes?

The fact that Google exposes the CNAME at all is just an implementation detail; one that has no practical impact to us. It might have simplified their serving platform - static DNS entries vs GSLB.

But they take the effort to collapse the answer, and give an actionable response with the single packet. No extra round trips. Much nicer than some other implementations I've seen for serving both static and GSLB DNS assets.
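An added example, not part of any message in the thread: a small Python walker that follows the CNAME chain inside one reply, using the answer section quoted above as input. It shows the two points made in the replies, that the address arrives in the same answer as the aliases, and that the 300-second A record, not the 7-day CNAME, bounds how long the complete answer stays cached. The function names and `max_hops` limit are illustrative assumptions.

```python
# Sample input: the dig answer section quoted in the thread, retyped inline.
ANSWER_SECTION = """\
www.gmail.com.            86400  IN CNAME mail.google.com.
mail.google.com.          604800 IN CNAME googlemail.l.google.com.
googlemail.l.google.com.  300    IN A     172.217.1.101
"""

def parse_answer(text):
    """Parse dig-style 'name ttl class type rdata' lines into tuples."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):  # skip blanks and dig comments
            continue
        name, ttl, _cls, rtype, rdata = line.split(None, 4)
        records.append((name.lower(), int(ttl), rtype.upper(), rdata.strip()))
    return records

def resolve_from_answer(qname, records, max_hops=8):
    """Follow CNAMEs within one reply; return (chain, addresses, effective_ttl).

    effective_ttl is the smallest TTL on the path, i.e. how long the
    complete answer stays valid in a cache before part of it must be re-queried.
    """
    name, chain, seen, ttls = qname.lower(), [], set(), []
    for _ in range(max_hops):
        if name in seen:
            raise ValueError("CNAME loop at " + name)
        seen.add(name)
        addrs = [(ttl, rdata) for n, ttl, t, rdata in records
                 if n == name and t in ("A", "AAAA")]
        if addrs:
            ttls += [ttl for ttl, _ in addrs]
            return chain, [rdata for _, rdata in addrs], min(ttls)
        alias = [(ttl, rdata) for n, ttl, t, rdata in records
                 if n == name and t == "CNAME"]
        if not alias:  # chain ends without an address in this reply
            return chain, [], (min(ttls) if ttls else None)
        ttl, target = alias[0]
        chain.append((name, target.lower(), ttl))
        ttls.append(ttl)
        name = target.lower()
    raise ValueError("CNAME chain longer than max_hops")

if __name__ == "__main__":
    chain, addrs, ttl = resolve_from_answer("www.gmail.com.", parse_answer(ANSWER_SECTION))
    for owner, target, hop_ttl in chain:
        print(f"{owner} -> {target} (alias TTL {hop_ttl}s)")
    print(addrs, "effective TTL", ttl, "s")
```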