Opendns

Last month I noticed quite high latency with Cisco’s OpenDNS from my home fibre connection. The provider at home is IAXN (AS134316) which is peering with content folks in Delhi besides transit from Airtel.

ping -c 5 208.67.222.222
PING 208.67.222.222 (208.67.222.222) 56(84) bytes of data.
64 bytes from 208.67.222.222: icmp_seq=1 ttl=51 time=103 ms
64 bytes from 208.67.222.222: icmp_seq=2 ttl=51 time=103 ms
64 bytes from 208.67.222.222: icmp_seq=3 ttl=51 time=103 ms
64 bytes from 208.67.222.222: icmp_seq=4 ttl=51 time=103 ms
64 bytes from 208.67.222.222: icmp_seq=5 ttl=51 time=103 ms
--- 208.67.222.222 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 103.377/103.593/103.992/0.418 ms

This is bit on the higher side as from Haryana to Mumbai (OpenDNS locations list here). My ISP is backhauling from Faridabad which is probably 6-8ms away from my city and 2-3ms further to Delhi and from there to Mumbai around 30ms. Thus latency should be around ~40-45ms.

Writing this post from my hotel room in Kathmandu. I found that many of the servers appear to be DNS resolvers which is unusual.
Have a look at these weird DNS replies:

dig @anuragbhatia.com . ns +short
a.root-servers.net.
b.root-servers.net.
c.root-servers.net.
d.root-servers.net.
e.root-servers.net.
f.root-servers.net.
g.root-servers.net.
h.root-servers.net.
i.root-servers.net.
j.root-servers.net.
k.root-servers.net.
l.root-servers.net.
m.root-servers.net.

dig @google.com . ns +short
b.root-servers.net.
c.root-servers.net.
d.root-servers.net.
e.root-servers.net.
f.root-servers.net.
g.root-servers.net.
h.root-servers.net.
i.root-servers.net.
j.root-servers.net.
k.root-servers.net.
l.root-servers.net.
m.root-servers.net.
a.root-servers.net.

This seems unusual and is the result of basically port 53 DNS hijack. Let’s try to verify it using popular “whoami.akamai.net” query.

These days Open DNS resolvers are getting quite popular. With Open DNS resolver I mean resolvers including OpenDNS as well as Google Public DNS.

One of major issues these resolvers suffer is failure of integration with CDN providers like Akamai, Limelight etc. In this post I will analyse sample client site of Akamai - Malaysia Airlines website - http://www.malaysiaairlines.com.  

Looking at OpenDNS, Google Public DNS and my ISP (BSNL’s) DNS resolver for its DNS records:

Hello everyone!

Seems like Tata Communications routing table is changed (call it fixed) to route traffic for openDNS to Singapore. It’s not going to London anymore and I see very good latency from BSNL too (which uses Tata Comm for most of it’s International traffic).

Here’s latest routing from BSNL to openDNS: 

HOST: laptop                                                                 Loss%   Snt   Last   Avg  Best  Wrst StDev

  1. router2                                                                        0.0%    50    2.0   1.7   1.5   2.2   0.2

  2. 117.207.48.1                                                             2.0%    50   25.4  26.2  24.5  36.1   1.6

  3. 218.248.173.38                                                        0.0%    50   26.1  31.2  25.0 125.5  17.8

  4. 121.244.68.114.static-lvsb.vsnl.net.in               2.0%    50   70.1  72.2  69.4  97.8   6.0

  5. 172.31.61.210                                                            0.0%    50   92.9  94.8  92.9 109.0   2.2

  6. ix-4-2.tcore1.CXR-Chennai.as6453.net            0.0%    50   94.3  98.4  93.1 154.6  12.6

  7. if-5-2.tcore1.SVW-Singapore.as6453.net          0.0%    50  127.2 130.6 125.8 165.5   8.5

  8. if-2-2.tcore2.SVW-Singapore.as6453.net         0.0%    50  126.8 128.6 124.4 178.2   8.3

  9. Vlan1807.icore1.SVQ-Singapore.as6453.net   2.0%    50  135.4 132.3 126.1 140.4   4.4

 10. 203.208.186.101                                                      0.0%    50  202.4 163.6 156.9 256.5  17.5

 11. 203.208.153.110                                                       0.0%    50  159.1 166.8 157.0 272.4  23.6

 12. 203.208.190.166                                                      2.0%    50  160.3 160.6 158.6 191.9   4.6

 13. resolver1.opendns.com                                           2.0%    50  159.0 158.3 156.9 162.4   1.0

Overall I am getting latency from 160ms which seems OK considering 25-30ms latency for DSL, adding 60-90ms for route till South India followed by 30-40ms latency between Chennai and Singapore and eventually destination openDNS node on ASN 36692.