ComputerGuru|4 years ago
Cloudflare DNS does not route efficiently with AWS CloudFront anycast DNS. I tracked down insanely slow `rustup update` downloads to incorrect selection of ideal routes to the AWS resources caused by using CF to resolve the DNS. Switching to a different resolver that works with anycast and EDNS fixed it.
CF saying “we break standard DNS geo routing but work with providers to route things right” isn’t very inspiring.
elithrar|4 years ago
> Cloudflare DNS does not route efficiently with AWS CloudFront anycast DNS. I tracked down insanely slow `rustup update` downloads to incorrect selection of ideal routes to the AWS resources caused by using CF to resolve the DNS.
Please send me details (silverlock at cloudflare) here - AWS has our geofeed.
If you can include resolution details - e.g. `dig @1.1.1.1 <cloudfront-host> +nsid` - with the incorrect CF results, we can provide them to AWS.
Folks did geo-routing with DNS long before ECS was included, and there’s a privacy trade-off to be had. We’re exploring ways to make this better but there is no free lunch.
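To make the trade-off in this exchange concrete, here is an added example (not part of the thread and not any participant's code) that encodes the two EDNS options mentioned: the NSID request that `dig +nsid` sends (RFC 5001) and an EDNS Client Subnet option (RFC 7871), then decodes what the ECS option discloses. The hostname and client address are constructed placeholders, and nothing is sent on the network.

```python
import ipaddress
import struct

OPT_NSID, OPT_ECS = 3, 8  # EDNS option codes (RFC 5001, RFC 7871)
# Constructed sample values (documentation ranges), not taken from the thread.
SAMPLE_HOST, SAMPLE_CLIENT = "cdn.example.net", "203.0.113.77"

def ecs_option(client_ip: str, prefix_len: int) -> bytes:
    """Encode ECS: only the first prefix_len bits of the client address are sent."""
    net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    family = 1 if net.version == 4 else 2
    addr = net.network_address.packed[: (prefix_len + 7) // 8]
    data = struct.pack("!HBB", family, prefix_len, 0) + addr  # scope is 0 in queries
    return struct.pack("!HH", OPT_ECS, len(data)) + data

def build_query(name: str, options: bytes, qid: int = 0x1234) -> bytes:
    """Build an A query whose single additional record is an OPT with `options`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)  # RD set, QD=1, AR=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"
    opt = b"\x00" + struct.pack("!HHIH", 41, 1232, 0, len(options)) + options
    return header + qname + struct.pack("!HH", 1, 1) + opt  # QTYPE=A, QCLASS=IN

def edns_options(msg: bytes) -> dict:
    """Return {option_code: data} from the OPT record of a query built above."""
    pos = 12
    while msg[pos]:            # walk the QNAME labels
        pos += msg[pos] + 1
    pos += 1 + 4 + 1           # root label, QTYPE/QCLASS, OPT owner name
    rtype, _size, _ttl, rdlen = struct.unpack_from("!HHIH", msg, pos)
    if rtype != 41:
        raise ValueError("no OPT record where expected")
    pos += 10
    end, out = pos + rdlen, {}
    while pos < end:
        code, length = struct.unpack_from("!HH", msg, pos)
        out[code] = msg[pos + 4 : pos + 4 + length]
        pos += 4 + length
    return out

def disclosed_subnet(ecs_data: bytes) -> str:
    """Decode ECS option data back into the subnet an upstream server would see."""
    family, source, _scope = struct.unpack_from("!HBB", ecs_data)
    addr = ecs_data[4:].ljust(4 if family == 1 else 16, b"\x00")
    return f"{ipaddress.ip_address(addr)}/{source}"

def demo():
    nsid = struct.pack("!HH", OPT_NSID, 0)  # empty NSID option = "tell me your node id"
    opts = edns_options(build_query(SAMPLE_HOST, nsid + ecs_option(SAMPLE_CLIENT, 24)))
    return opts[OPT_NSID], disclosed_subnet(opts[OPT_ECS])
```

With a /24 source prefix the host byte of the sample address is dropped before encoding, so the option carries `203.0.113.0/24` rather than the full client address.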