[140296] in North American Network Operators' Group
Re: Yahoo and IPv6
daemon@ATHENA.MIT.EDU (Jared Mauch)
Mon May 9 13:27:38 2011
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <20110509163412.A4F4A1CC09@ptavv.es.net>
Date: Mon, 9 May 2011 13:27:21 -0400
To: "Kevin Oberman" <oberman@es.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>, Arie Vayner <ariev@vayner.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On May 9, 2011, at 12:34 PM, Kevin Oberman wrote:
> I have talked to Yahoo engineers about this and they say that their
> testing has shown that, if it takes more than 3 seconds for a site to
> load, they start to lose significant traffic. Hence the 3 second
> timeout.
>=20
> Sadly, I'm afraid that they have a point, but at the same time I =
suspect
> that they are assuring failure for almost everyone. A 5 second timeout
> would probably be more reasonable, but is probably unacceptable to =
Yahoo
> management.
I have done some other 'observational' looks at some IPv6 related data =
recently that others may have seen on ipv6-ops.
A few notes:
1) Somewhere 0.5-0.8% of sites in a list of domains (about 1 million =
'top' sites) have some form of broken DNS
2) Some DNS providers (eg: OpenDNS, Google, Comcast, and those that run =
ISC-BIND) have varying responses with these queries. The one I find =
most interesting is OpenDNS, they seem to never take more than 1 second =
for a dns query. Seems to stick within this 3-5 second overall load =
rule. I've not detailed what nameservers have different operations, but =
BIND is certainly most likely to return a SERVFAIL while others return =
NOERROR. It appears BIND is just more strict about enforcing strict =
cname -> cname mapping with proper SOA. You can see this all over =
bind-users.
There seems to be some other interesting data that could be inferred =
regarding the sites.
I do want to present this data and some details regarding IPv6 day and =
our observations at the upcoming NANOG meeting, but not sure I'm going =
to have it all together. If you are on the PC, expect a lightning talk =
from me :)
I do feel the bar that Yahoo is setting is too high. There are a lot of =
network elements that are broken, either DNS servers, home 'gateway/nat' =
devices, or other elements in the delegation chain. This leaves out any =
of the network elements of the packet forwarding path that may be =
suboptimal. While not directly comparable as one is the CPE side vs =
Content side, if 0.6% of sites are unreachable from a BIND resolver on a =
properly IPv6 enabled network, the number of sites that will appear =
broken will be high in aggregate. These folks need to fix their =
problems, 6714 of the 1 million sites are broken. If you are talking =
about 6714 people that are going to place a helpdesk call that day, I =
hope everyone is ready to work their phones. I think this is the point =
of Yahoo, but if nobody fixes it, it will just be permanently broken. =
If that's the case, it should be addressed vs papered over by not =
serving up for the remainder of the 99.4% that are properly maintained.
While 2 9's is not that great, aiming for 5 9's is a goal, not something =
I feel is realistic in the next 24 months.
- Jared=
