nanog mailing list archives
RE: AWS S3 DNS load balancer
From: Deepak Jain <deepak () ai net>
Date: Tue, 15 Jun 2021 16:40:25 +0000
You can't use DNS to get "all" service IP's of a service like S3 or a CDN for traffic engineering purposes. That will not work, ever (for services of such scale). The hackery is assuming you can build a list of service IP's by querying DNS.
There are a lot of reasons why someone may want this… particularly to manage *other* people geo-basing their transport, but is this a local hack or is this a feature of one of the major auth-DNS packages. If its local hackery, trying to manage for it becomes a thankless activity.
CDN's and huge service work like this, and they use the standardized tools like DNS they have at their disposal. Building lists of service IP's from DNS is what the "local-hackery" here is. Toby explained the proper way to get the IP ranges. It's not via DNS, it never was. ---------------------- I'm not sure where you got the idea that I wanted a list of all of their IPs. Sorry for any confusion and any offense at using the word "hackery" in a way you deemed inappropriate. Deepak
Current thread:
- AWS S3 DNS load balancer Deepak Jain (Jun 15)
- Re: AWS S3 DNS load balancer Karl Auer (Jun 15)
- Re: AWS S3 DNS load balancer Christopher Morrow (Jun 15)
- RE: AWS S3 DNS load balancer Deepak Jain (Jun 15)
- Re: AWS S3 DNS load balancer Lukas Tribus (Jun 15)
- RE: AWS S3 DNS load balancer Deepak Jain (Jun 15)
- Re: AWS S3 DNS load balancer Christopher Morrow (Jun 15)
- Re: AWS S3 DNS load balancer Karl Auer (Jun 15)
- RE: AWS S3 DNS load balancer Deepak Jain (Jun 15)
- Re: AWS S3 DNS load balancer Andras Toth (Jun 16)
- Re: AWS S3 DNS load balancer Karl Auer (Jun 15)
- Re: AWS S3 DNS load balancer Christopher Morrow (Jun 15)