Re: All Apple updates time out. But through a VPN, it's fine!
CaptainSTX
Contributor - Level 3

For those individuals that think that changing DNS servers is a cure all for speed problems I suggest that you download the free DNSBench.exe utility.

It will test 4,849 DNS servers and tell you which is fastest in your location.   I just ran a test and the fastest DNS server  was 8.8 ms  and number fifty  tested in at 42.7 ms.   Of course resetting your DNS servers to the three fastest on the list is a game of whack a mole in that the three fastest now probably won't be the three fastest next time you test.

Probably the most valuable thing about testing is that when you go to Steve Gibson's site to download the utility and run it there is a lot of informative information about what DNS servers actually do and how to select DNS severs.

My experience has been to pick two from Google and one from OpenDNS.   While the servers I have selected might not always test in the top twenty five they have been reliable for me.  I personally can't relly tell the difference in how quickly a web site resolves  if it only takes  15 ms or 25 ms for my DNS query to be resolved.

If you think your DNS server is holding you back compare how quicky a site reolves if you use a DNS server or you type in the numeric public IP for the site.   

0 Likes
Re: All Apple updates time out. But through a VPN, it's fine!
Hubrisnxs
Legend

This particular issue isn't about the actual name resolution piece built into DNS, but the Geo Locate portion that works with CDN's and direct''s you to one server in the east coast or west coast based on the DNS address. 

0 Likes
Re: All Apple updates time out. But through a VPN, it's fine!
CaptainSTX
Contributor - Level 3

It sounds wonderful that using a different DNS provider would magically take your East coast connection and instead connect using a DNS server on the West coast.

At least for Google,  when  you use one of their public  DNS servers,  the information quoted below is  from their site is what actually happens according their list of  FAQ.

"How does Google Public DNS know which data center to send me to?Google Public DNS uses anycast routing to direct all packets to the closest DNS server. For more information on anycast routing, see theWikipedia entry."

I assume OpenDNS must do something similar.    

To get a California DNS server when you are located in New York would require that you find a West Coast Only public DNS server and use it.

If you are using a VPN then that is a diifrent scenario and you probably would want to use the DNS server of the VPN provider.

0 Likes
Re: All Apple updates time out. But through a VPN, it's fine!
Hubrisnxs
Legend

Just to be clear we are talking about the same thing.  We aren't in fact talking about DNS.  We are talking about CDN's and how DNS plays and impact with how they deliver content. 


Fundamental aspect of how DNS and CDNs work. When you get pointed to a specific DNS name for a server, your PC contacts the DNS server and requests that IP associated with that host. If the server doesn't happen to have that information already cached, it looks up the authoritative DNS server for the domain, and asks that server what the IP is. On something that isn't distributed, that is always going to be the same IP, no matter where you're coming from. No matter where you are, www.dslreports.com is always going to come up as 64.91.255.98. On a distributed network, however, the DNS server knows the IP of your DNS server, and knows that it is coming from Verizon FiOS in the PA/NJ/DE region (because the assigned DNS server is always close to the user to minimize lookup times). It knows that a server at some specific IP has been designated to reach users in that area, based on the ASN or however else they have it divided up. That IP gets returned to the server, and back to you. You connect to it, try to download, and see how that goes. When you switch to Google's 8.8.8.8/8.8.4.4 (or 4.2.2.1/4.2.2.2, or OpenDNS, or whatever else) you're tricking the server into thinking you're somewhere else, so you get pointed to a different server, one that is less loaded because there aren't nearly as many people hitting that server.

The actual distribution of servers and connections from them to various ISPs is a complex, ever-changing game. Akamai and the other big players pay people a lot of money solely to manage that sort of thing, and they've gotten to be pretty **bleep** good at it, and have a lot of big names like Apple, Microsoft, and Neulion (who runs most of the legal streaming sports packages) listed as customers. Apple is just starting to get into the game themselves, and they don't have it all figured out yet, especially when it comes to multi-gigabyte files.

 Also that's actually a new standard that Google is introducing and I'm not terribly aware of any cdn that is using it. Good thing proof is in the pudding, was testable, verifiable and able to be duplicated time and again. Fortunately,  yesterday apple off loaded the ios8 traffic and brought akamai in board to give relief to there cdn


It is performing better here, too -- It looks like they fixed it by resolving to an akamai address (63.217.211.x) rather than the apple one (17.253.x.x).


Most people shouldn't have this issue anymore, and no need to change DNS since Akamai was brought back for this part of the Apple Downloads.  

0 Likes
Re: All Apple updates time out. But through a VPN, it's fine!
CaptainSTX
Contributor - Level 3

With anycast typing in 8.8.8.8  anywhere in the world results in you being connected to the nearest available Google  DNS server be it in Istanbul or Indianapolis.

This protocol is also available and used by some CDNs.

The various network configuration and topologies deployed across the Internet probably explains why in some cases changing DNS servers or  a VPN may result in a faster connection and for some and for others no improvement.

0 Likes