zlacker

>>stargr+(OP)
> massive mismatch (...) of where DNS and related HTTP requests come from causes so many troubles

Does anyone know what they could mean here? I get that having more open connections and slow requests is not great, but there are popular attacks people will try against them in this case. They already have to handle pathologic cases of slow requests, so handling some small number of slower clients shouldn't be an issue.

Or are they talking about some other problem?

>>virapt+F3
They are taking about Geo load balancing via DNS.[1]

Just try one of the akamai endpoints to test it. (E.g media.steampowered.com)

For me 1.1.1.1 serves akamai singapore IPs, while 8.8.8.8 serves IPs of my ISPs akamai cache in Sri Lanka.

If your ISP has a bad route to 1.1.1.1, this just gets worse.

[1] https://en.wikipedia.org/wiki/GeoDNS

>>miyuru+e5
Blocking a user because the site might load more slowly for them doesn't make any sense to me. If the user is choosing to use a DNS server that returns sub-optimal CDN IPs, isn't that their problem?

>>profmo+K5
This kind of blows my mind about this, and I'm surprised that everyone seems to be focused on conspiracy theories about Cloudflare instead of the apparent situation that archive.is is intentionally breaking fundamental behavior of the internet because they don't they aren't getting information they want from Cloudflare.

Internet protocols were designed to be redundant and resilient, so that things still work when things break and traffic takes other paths. When people do shit like this, we get a less reliable, less functional internet. Demanding to know the exact subnet a request originated from, and returning incorrect results when that information is not given, seems to me a thoroughly hostile behavior on the part of archive.is.