Doing Horrible Things to DNS in the Name of Science - SF Performance Meetup

•

0 likes•2,081 views

The document discusses techniques for improving website performance through modifications to DNS. It describes how serial HTTP loading is slower than parallel loading due to round trip times for DNS lookups. It then evaluates options for implementing parallel DNS lookups, including using CNAME records to alias multiple hostnames to a single IP address, and placing additional IP addresses in the answer or additional sections of DNS responses to allow parallel lookups. While these techniques could improve performance, they may violate DNS standards or caching assumptions.

Technology

Doing
Horrible Things
to DNS
(in the name of science)

@sh1mmer SF Perf Meetup
Thursday, September 23, 2010

The basics of DNS

Thursday, September 23, 2010

San Francisco - Mission Branch
Thursday, September 23, 2010

San Francisco - Main Library
Thursday, September 23, 2010

New York City - 5th & 42nd Branch
Thursday, September 23, 2010

DNS for performance

Thursday, September 23, 2010

Page Load Time vs. Bandwidth
Thursday, September 23, 2010

Page Load Time vs. Round Trip Time
Thursday, September 23, 2010

Trend Curves for Bandwidth vs. RTT
Thursday, September 23, 2010

Serial HTTP loading
Thursday, September 23, 2010

Parallel HTTP loading
Thursday, September 23, 2010

Why not just use a bunch of domains?

Thursday, September 23, 2010

DNS Querying
Thursday, September 23, 2010

Ideal? 1 domain many threads

Thursday, September 23, 2010

Option 1: SPDY

Thursday, September 23, 2010

Good: Multi-thread TCP connections
Bad: Only works on Chrome

Thursday, September 23, 2010

Option 2: Do horrible things to DNS

Thursday, September 23, 2010

Good: Works now
Bad: Might have to violate RFCs

Thursday, September 23, 2010

Option 2a - Mucking about with C names

Thursday, September 23, 2010

CNAMES are hosts which
are aliases of other hosts

Thursday, September 23, 2010

ajax1.hackerhouse.org. 1800 IN CNAME ajax2.hackerhouse.
ajax2.hackerhouse.org. 1800 IN CNAME ajax3.hackerhouse.
ajax3.hackerhouse.org. 1800 IN CNAME ajax4.hackerhouse.
ajax4.hackerhouse.org. 1800 IN CNAME ajax5.hackerhouse.
ajax5.hackerhouse.org. 1800 IN CNAME ajax.hackerhouse.
ajax.hackerhouse.org. 1800 IN A 127.0.0.1

Thursday, September 23, 2010

We now have 6 hostnames

Thursday, September 23, 2010

Good: 6 hostnames
Bad: Inflexible

Thursday, September 23, 2010

Option 2b - Doing weird things with RRs

Thursday, September 23, 2010

RR is the section of a DNS response which
contains the HOST records

Thursday, September 23, 2010

;; QUESTION SECTION:
;ajax.hackerhouse.org. IN A

;; ANSWER SECTION:
ajax.hackerhouse.org. 60 IN A 184.106.231.91

Thursday, September 23, 2010

;; QUESTION SECTION:
;ajax.hackerhouse.org. IN A
;ajax1.hackerhouse.org. IN A
;ajax2.hackerhouse.org. IN A

;; ANSWER SECTION:
ajax.hackerhouse.org. 60 IN A 184.106.231.91
ajax1.hackerhouse.org. 60 IN A 184.106.231.90
ajax2.hackerhouse.org. 60 IN A 184.106.231.89

Thursday, September 23, 2010

;; QUESTION SECTION:
;ajax.hackerhouse.org. IN A

;; ANSWER SECTION:
ajax.hackerhouse.org. 60 IN A 184.106.231.91

;; ADDITIONAL SECTION:
ajax1.hackerhouse.org. 60 IN A 184.106.231.90
ajax2.hackerhouse.org. 60 IN A 184.106.231.89

Thursday, September 23, 2010

Good: Flexible
Bad: Caching /Violating RFCs

Thursday, September 23, 2010

Increasingly we want to do more with the web and Internet applications we build. We have more features, more data, more users, more devices and all of it needs to be in real-time. With all of these demands how can we keep up? The answer is choosing a language and a platform that are optimized for the kind of architecture Internet and web applications really have. The traditional approach prioritises computation, assigning server resources before they are actually needed. JavaScript and Node.js both take an event driven approach only assigning resources to events as they happen. This allows us to make dramatic gains in performance and resource utilization while still having an environment which is fun and easy to program.

How to stop writing spaghetti code - JSConf.eu 2010Tom Croucher

Sf perfTom Croucher

Node.js and How JavaScript is Changing Server Programming

Tom Croucher

Node.js is a highly concurrent JavaScript server written on top of the V8 JavaScript runtime. This is awesome for a number of reasons. Firstly Node.js has re-architected some of the core module of V8 to create a server implementation that is non-blocking (similar to other event driven frameworks like Ruby’s Event Machine or Python’s Twisted). Event driven architectures are a natural fit for JavaScript developers because it’s already how the browser works. By using an event driven framework Node is not only intuitive to use but also highly scalable. Tests have shown Node instances running tens of thousands of simultaneous users. This session will explore the architectural basics of Node.js and how it’s different from blocking server implementations such as PHP, Rail or Java Servlets. We’ll explore some basic examples of creating a simple server, dealing with HTTP requests, etc. The bigger question is once we have this awesome programming environment, what do we do with it? Node already has a really vibrant collection of modules which provide a range of functionality. Demystifying what’s available is pretty important to actually getting stuff done with Node. Since Node itself is very low level, lot’s of things people expect in web servers aren’t automatically there (for example, request routing). In order to help ease people into using Node this session will look at a range of the best modules for Node.js.

Server Side JavaScript - You ain't seen nothing yetTom Croucher

JavaScript Everywhere! Creating a 100% JavaScript web stack

Tom Croucher

One of the costs of working on the web has traditionally been having to work in multiple languages. JavaScript has been the only choice for web front-ends, but as soon as you start back-end work, it can be anything from PHP to Python to Perl to Ruby or even C. Anything, that is, but JavaScript.In the last year server-side JavaScript has leapt forward with a passion, partly due to CommonJS but also due to NodeJS. With these new advances we have an opportunity to enjoy more code re-use, and faster, more efficient pages. We’ll explore server-side JavaScript and look at how we can use a JavaScript DOM/BOM to run YUI3 on NodeJS, allowing us to reuse the same code on the client and the server, deliver targeted experiences to various classes of client, and smoke test DOM operations during continuous integration.

Mobile Data: How to avoid the latency trap - SWDC 2010Tom Croucher

Let's run JavaScript Everywhere

Tom Croucher

Pirate yqlTom Croucher

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Recently uploaded

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

The Future of Platform Engineering

Jemma Hussein Allen

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Assuring Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Recently uploaded (20)

UiPath Test Automation using UiPath Test Suite series, part 3

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

The Future of Platform Engineering

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Securing your Kubernetes cluster_ a step-by-step guide to success !

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Assuring Contact Center Experiences for Your Customers With ThousandEyes

Leading Change strategies and insights for effective change management pdf 1.pdf

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

The Art of the Pitch: WordPress Relationships and Sales

FIDO Alliance Osaka Seminar: Overview.pdf

Doing Horrible Things to DNS in the Name of Science - SF Performance Meetup

1. Doing Horrible Things to DNS (in the name of science) @sh1mmer SF Perf Meetup Thursday, September 23, 2010

2. The basics of DNS Thursday, September 23, 2010

3. Thursday, September 23, 2010

4. Thursday, September 23, 2010

5. Thursday, September 23, 2010

6. Thursday, September 23, 2010

7. Thursday, September 23, 2010

8. San Francisco - Mission Branch Thursday, September 23, 2010

9. Thursday, September 23, 2010

10. Thursday, September 23, 2010

11. San Francisco - Main Library Thursday, September 23, 2010

12. Thursday, September 23, 2010

13. Thursday, September 23, 2010

14. New York City - 5th & 42nd Branch Thursday, September 23, 2010

15. Thursday, September 23, 2010

16. Thursday, September 23, 2010

17. New York City - 5th & 42nd Branch Thursday, September 23, 2010

18. Thursday, September 23, 2010

19. San Francisco - Main Library Thursday, September 23, 2010

20. San Francisco - Main Library Thursday, September 23, 2010

21. Thursday, September 23, 2010

22. San Francisco - Mission Branch Thursday, September 23, 2010

23. San Francisco - Mission Branch Thursday, September 23, 2010

24. Thursday, September 23, 2010

25. Thursday, September 23, 2010

26. Thursday, September 23, 2010

27. Thursday, September 23, 2010

28. DNS for performance Thursday, September 23, 2010

29. Page Load Time vs. Bandwidth Thursday, September 23, 2010

30. Page Load Time vs. Round Trip Time Thursday, September 23, 2010

31. Trend Curves for Bandwidth vs. RTT Thursday, September 23, 2010

32. Serial HTTP loading Thursday, September 23, 2010

33. Parallel HTTP loading Thursday, September 23, 2010

34. Why not just use a bunch of domains? Thursday, September 23, 2010

35. DNS Querying Thursday, September 23, 2010

36. Ideal? 1 domain many threads Thursday, September 23, 2010

37. Option 1: SPDY Thursday, September 23, 2010

38. Good: Multi-thread TCP connections Bad: Only works on Chrome Thursday, September 23, 2010

39. Option 2: Do horrible things to DNS Thursday, September 23, 2010

40. Good: Works now Bad: Might have to violate RFCs Thursday, September 23, 2010

41. Option 2a - Mucking about with C names Thursday, September 23, 2010

42. CNAMES are hosts which are aliases of other hosts Thursday, September 23, 2010

43. ajax1.hackerhouse.org. 1800 IN CNAME ajax2.hackerhouse. ajax2.hackerhouse.org. 1800 IN CNAME ajax3.hackerhouse. ajax3.hackerhouse.org. 1800 IN CNAME ajax4.hackerhouse. ajax4.hackerhouse.org. 1800 IN CNAME ajax5.hackerhouse. ajax5.hackerhouse.org. 1800 IN CNAME ajax.hackerhouse. ajax.hackerhouse.org. 1800 IN A 127.0.0.1 Thursday, September 23, 2010

44. We now have 6 hostnames Thursday, September 23, 2010

45. Good: 6 hostnames Bad: Inflexible Thursday, September 23, 2010

46. Option 2b - Doing weird things with RRs Thursday, September 23, 2010

47. RR is the section of a DNS response which contains the HOST records Thursday, September 23, 2010

48. ;; QUESTION SECTION: ;ajax.hackerhouse.org. IN A ;; ANSWER SECTION: ajax.hackerhouse.org. 60 IN A 184.106.231.91 Thursday, September 23, 2010

49. ;; QUESTION SECTION: ;ajax.hackerhouse.org. IN A ;ajax1.hackerhouse.org. IN A ;ajax2.hackerhouse.org. IN A ;; ANSWER SECTION: ajax.hackerhouse.org. 60 IN A 184.106.231.91 ajax1.hackerhouse.org. 60 IN A 184.106.231.90 ajax2.hackerhouse.org. 60 IN A 184.106.231.89 Thursday, September 23, 2010

50. ;; QUESTION SECTION: ;ajax.hackerhouse.org. IN A ;; ANSWER SECTION: ajax.hackerhouse.org. 60 IN A 184.106.231.91 ;; ADDITIONAL SECTION: ajax1.hackerhouse.org. 60 IN A 184.106.231.90 ajax2.hackerhouse.org. 60 IN A 184.106.231.89 Thursday, September 23, 2010

51. Good: Flexible Bad: Caching /Violating RFCs Thursday, September 23, 2010

Doing Horrible Things to DNS in the Name of Science - SF Performance Meetup

Recommended

Recommended

More Related Content

More from Tom Croucher

More from Tom Croucher (20)

Recently uploaded

Recently uploaded (20)

Doing Horrible Things to DNS in the Name of Science - SF Performance Meetup