Hacker News new | ask | show | jobs
by NicoJuicy 995 days ago
No, they don't, please read this before making unresearched guesses ( note: I had the same reaction at first a couple of years ago).

They forward every info that is required for cdn's to function, that's why no other cdn's are complaining.

See the statement of the CEO:

https://news.ycombinator.com/item?id=19828317

Tldr:

> We publish the geolocation information of the IPs that we query from. That allows any network with less density than we have to properly return DNS-targeted results. For a relatively small operator like archive.is, there would be no loss in geo load balancing fidelity relying on the location of the Cloudflare PoP in lieu of EDNS IP subnets.

We are working with the small number of networks with a higher network/ISP density than Cloudflare (e.g., Netflix, Facebook, Google/YouTube) to come up with an EDNS IP Subnet alternative that gets them the information they need for geolocation targeting without risking user privacy and security.
1 comments
andrewla 995 days ago
Thanks for the clarification and link!

I do think that this has the effect of locking customers into Cloudflare's geoip data, which seems a little sketchy. The operator of archive.is claims that the data itself is bad[1] but I can't speak to his biases or motivations.

If the data is incomplete or bad, then you gain an advantage by using Cloudflare's services over rolling your own or using a competitor if a large number of customers are using their DNS, so I think the original point does stand. And if you are a competitor, your ability to compete with greater edge capacity or more targeted edge capacity is nonexistent.

[1] https://twitter.com/archiveis/status/1018691421182791680

link
NicoJuicy 995 days ago
I would doubt the owner has a bigger network than cloudflare as their cdn.

If you're cdn is Azure, GCE, or AWS, than you're cdn is spread over the regions that their cloud offers. You still have no use-case to know more.

So, who? There isn't a provider atm in the world. So the issue at hand is currently not existent, as far as I'm aware.

link
andrewla 995 days ago
Let's say you have more fine-grained capacity in a given metro than Cloudflare has in an attempt to provide additional value in that metro than Cloudflare can offer. You are blocked from doing so if endusers are using Cloudflare DNS.

I don't know if this is happening at the moment, but it's pretty clear that there is no real incentive to even attempt this given that you simply will not be able to offer any benefits because you don't have the data.

link
NicoJuicy 994 days ago
Who would set up ( or use) a dns that is better in 1 metro in the world? Do you?

The example given doesn't make any sense.

You're just giving an ideological example. Not one that occurs in the real world.

Here is one that actually happens: Using cloudflare DNS to protect privacy is one that occurs in the real world and eg. Apple is using them for exactly that.

But let's repeat:

> We are working with the small number of networks with a higher network/ISP density than Cloudflare (e.g., Netflix, Facebook, Google/YouTube) to come up with an EDNS IP Subnet alternative that gets them the information they need for geolocation targeting without risking user privacy and security.

link
pseg134 994 days ago
Yeah, so cloudflare is making sure no one else can compete.
link
NicoJuicy 994 days ago
Didn't read the last alinea?

> We are working with the small number of networks with a higher network/ISP density than Cloudflare (e.g., Netflix, Facebook, Google/YouTube) to come up with an EDNS IP Subnet alternative that gets them the information they need for geolocation targeting without risking user privacy and security.

---

I don't know what happened between that statement and now. Since they were working together with eg. Google to solve it.

Still. No example? So not an issue now?

link