browse
Overview
Sometimes, you may notice your DNS traffic is being routed to a data center (DC) that is not the closest location to you. You may also notice higher latency when being routed to one location versus another.
Umbrella utilizes anycast routing. Every data center announces the same IP addresses. BGP then takes care of the rest, routing requests transparently to the fastest available location.
When you configure your network to send DNS queries to 208.67.222.222 and 208.67.220.220, your DNS traffic could be routed through any of the locations listed on our System Status page, depending on geographical distance, peering, congestion, and other measures. We represent our locations by their IATA 3-letter airport code.
Technical Details
Due to limited peering arrangements with some ISPs (mostly in China), the RTT (Round Trip Time) to the closest Cisco Umbrella data center depends on geographic location and connection type. For example, we find that most customers within China are routed to our Tokyo, Hong Kong, or Singapore locations.
We only provide DNS answers to your queries. The routing to the destination is handled by the paths between the ISP and the target host; we cannot control the route your traffic takes to reach our data centers. However, with careful peering arrangements (and some luck), we can influence the route taken.
Checking which DC your DNS traffic is routed to
This information can be found by simply running a DNS query for a TXT record from which.opendns.com. This is a simplified return of the debug.opendns.com command which only returns datacenter locale information. For example:
nslookup -type=txt which.opendns.com.
Among the output, you'll want to look for a line similar to this:
which.opendns.com text = "m41.pao"
The response contains the resolver that responded to the query, including its location represented by its IATA 3-letter airport code. In this case, the server is m41.pao, which is in Palo Alto, USA, or "PAO".
See our System Status page to see all of our server locations. See List of airports by IATA code for a full list of IATA 3-letter airport codes.
Troubleshooting Latency
If your DNS traffic is being routed to a DC that is very far from your actual location and is causing a greater latency, it's possible you're using a remote-access VPN. Try your queries again while disconnected from the VPN to confirm this is the case.
You may also find that your ISP has an actual egress point (geographical location where the traffic leaves their network to reach the 'wider Internet') that is also nowhere near you. Some ISP's do this sort of thing in order to cut costs. You could live in the same town as one of our DC's, but because your ISP is hitting the Internet from another city, the RTT to another of our DCs could be faster, and therefore that location would be used.
If you're experiencing location/latency problems and have ruled out VPNs, please contact our Support team at umbrella-support@cisco.com.
Comments
0 comments
Please sign in to leave a comment.