Google doppelgänger casts riddle over interwebs Update: This story has been updated with comments from Google open source guru Chris DiBona and it has been revised accordingly. Sometime in the middle of October, Google silently launched a new net domain - a barely-disguised doppelgänger to the familiar google.com - and according to the latest stats from the site watchers at …
Reverse DNS for Google.com:
$ nslookup google.com
Non-authoritative answer:
Name: google.com
Address: 74.125.95.147
[snip]
chown@microsoft:~$ nslookup 74.125.95.147
Non-authoritative answer:
147.95.125.74.in-addr.arpa name = iw-in-f147.1e100.net.
So you could use iw-in-f147.1e100.net to access Google, if you wanted to, to bypass a filter for example.
Yeah, I remember this too, but as Google have managed to register this domain perhaps it's the registrar (not registry) level that enforces that.
This is still the case - Google is becoming more and more like M$ every day - they can now add "violating the RFCs to suit own own purpose" to the "reasons we're like Microsoft" list.
From RFC1035:
"The labels must follow the rules for ARPANET host names. They must
start with a letter, end with a letter or digit, and have as interior
characters only letters, digits, and hyphen. There are also some
restrictions on the length. Labels must be 63 characters or less."
(Label is any component of the domain name - e.g. www, google, and com in www.google.com.
http://tools.ietf.org/html/rfc1123
The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal syntax.
Personally I'm annoyed by this sort of thing. Not the 1e100, but using google.com, gstatic.com, googleapis.com, gmodules.com, gwhateverelsewecameupwithnow.com in a single webpage. What's wrong with static.google.com, apis.google.com, modules.google.com, and so on? It's already free, you already have a dns infrastrucutre where you can slot it in right there, it relieves tld and root servers, and generally uses the system as it is intended.
They're far from the only supposedly tech-savvy company that completely fails to understand how DNS is structured, but the very fact that all those big players including google can't do it, cap'n, means that the DNS itself has essentially failes because even the tech savvy are too stupid to understand it.
We could move to a glorified NETBIOS flat space and it'd make no discernible difference, minus the endless quibling about who is to get new TLD golden geese. Do us a favour, ICANN, and drop the pork barreling. We can live very well without those leeches at verisign, thank you. Go flat space.
"using google.com, gstatic.com, googleapis.com, gmodules.com, gwhateverelsewecameupwithnow.com in a single webpage"
I agree. What we need is for a major browser to start flagging this up as a soft error.
Imagine if browsers greyed out those parts of the page that were from a different domain. The immediate casualties would be ads. (The feature might even be popular, since most users would probably reckon that "greying out ads" was a usability feature worth upgrading for.) Also on the hit list would be sites that were stealing bandwidth, or trying to impersonate another site, or sites that just don't understand DNS (in the manner you describe).
There is a precedent. I believe at least some browsers will object to mixing http and https on the same page.
I'm just wondering. Who exactly are you to utter something so arrogant as "supposedly tech-savvy company that completely fails to understand how DNS is structured"?
I'm no google fanboy, but clearly, one has to be both incredibly arrogant AND stupid to utter something like this.
I don't know how good google is and how much they understand of DNS, but clearly, they have combined experience in it that you couldn't get in ten thousand years, AND, as the almost only company who represents a large portion of all the web traffic in the world, have a very clear and immediate interest in having it work.
That would only be stupid if you had said this outside of any context, but as a post in an article clearly says that all types of google traffic use 1e100.net, that shows, in addition to stupidity, an inability to read (though, admittedly, you mention that your gripe is not about the topioc of the article, but about something else entirely).
IIRC a lot of browsers limit the number of concurrent conenctions to a specific host so by using multiple domain names (eg one for javascript files, one for images, one for HTML, one for ajax services etc) you can increase the overall throughput/performance without being throttled by that (dial up) limitiation
But you would put them in the same domain.
The problem with this is that I don't want my browser downloading content from different domains on the same page.
Specifically if I'm reading a story from the reg i don't want anything from x10 or spam_adserver.com, more importantly if I think i'm on my bank's site because the logo is served from rbs.com I want to block the rest of the page if it is coming from dodgy_nigerian_scammer.com
If google start doing this nobody is going to be able to use simple adblockers - which is presumably what the worlds biggest ad server is aiming at
Kudos to call me arrorgant and stupid a couple of times, but completely failing to make a contextual argument why this would be so, and apparently failing to understand what I was saying completely. I say they didn't understand DNS, you say they have 10000+ years of combined experience running DNS, yet you don't show how they don't fail. What sort of counter-argument is that? What would be their well-reasoned argument against, other than 10000+ combined years of corporate stupidity?
Please do explain, I'd like to know.
To eludiate at least one part that you didn't grasp, they could equally well have used whatever.1e100.google.com as reverse. No need to register yet another domain, of which they publicly use too many already. So, if even the tech giants cannot master the simple idea of hierarchical naming, then it makes no sense to keep it and the complexity needed to keep that part of DNS going. Since the service DNS offers is rather vital to the internet, robustness and scaleability is important, and reducing complexity makes it easier to ensure the other two. So that's a good technical reason along with the political one mentioned earlier to go flat space.
I believe that it's also used to avoid cross-site scripting problems, by preventing anything 'user-generated' from being served from the same domains as handle web-site authentication, etc.
(It's a hack to work around the hacks in web browsers that decide whether something is 'same domain' or not.)
Similarly, it ensures that cookies are kept separate, allowing Google to say that, although they could link everything up, they don’t.
The domain name doubleclick.net could be replaced with tracking.google.com, and google-analytics.com with more-tracking.google.com.
I thought I would try the UK version:
---- dos ---------
>nslookup google.co.uk
...
Non-authoritative answer:
Name: google.co.uk
Addresses: 209.85.227.106, 209.85.227.147, 209.85.227.99, 209.85.227.103 209.85.227.104, 209.85.227.105
>nslookup 209.85.227.106
...
Name: wy-in-f106.1e100.net
Address: 209.85.227.106
---- /dos ---------
hmm - way in? probably not - just a random name I guess.
Still - a quick tracert gives two different last routers before the trace ends.
10 7 ms 7 ms 7 ms 216.239.49.45
11 16 ms 15 ms 17 ms 209.85.243.97
12 7 ms 7 ms 7 ms wy-in-f106.1e100.net [209.85.227.106]
Trace complete.
and
10 7 ms 7 ms 6 ms 216.239.49.45
11 20 ms 16 ms 17 ms 209.85.243.101
12 7 ms 7 ms 7 ms wy-in-f106.1e100.net [209.85.227.106]
Trace complete.
getting bored with this now, and I'm sure people will post similar.
The question is what happens if we try and block this behaviour? Does it matter? Should we start complaining about transparancy and seeking a proper explanation for this - after all if I'm pinging www.google.co.uk do i care if wy-in-f106.1e100.net responds?
hmm
ttfn
"Sean verbally suggested the word 'googolplex' [a one followed by a googol zeros], and Larry responded verbally with the shortened form, 'googol'..."
'Googol' is not a shortened form of 'googolplex'. A googol is 1 with 100 zeros after it while a googolplex is 1 with a googol zeros after it. (It's also a multiplex movie theatre in Springfield, on the Simpsons.)
1e100.net: created by Google on 2009-09-24.
1e1oo.net: created on 2010-02-04.
1el00.net: created on 2010-02-08.
le100.net: created on 2009-11-21.
leloo.net: created on 2008-03-30.
So, looking at those dates, three of those are potentially scammer domains, and one very likely isn't.
The other eleven possibilities (discounting non-ASCII, which I've not checked) are all, as yet, unregistered…
I would venture an explanation, just to show there might be reasons you never stopped to think about. It may well be a stupid explanation, as I know nothing about the topic, but nonetheless it should remind you that if *I* am clueless on this, maybe if you stopped being full of it, you could start considering the fact google may have reasons you haven't thought of.
Home->DNS server-> main Google servers->modules.google.com servers
Home->DNS Server->gmodules.com servers
Do you see a difference? Yes, one less table to check to route the traffic, one less server to go through, possibly one less rerouting to the other side of the world to do.
Basically, ask yourself why the second one is good enough for google ads (which are not, I would guess, labeled googleads.anonymouscoward.com when they're seen on your website). Might it be because it would be pointless as you would then have to route the request to another completely different place in the world (google servers instead of your own) and wait for the reply (more traffic, more delay)?
Assuming google has sufficient traffic to locate parts of it to specific places in its portfolio of server farms (do you want to declare that you think they don't???), then targeting gmodules.com directly rather than google.com which then reroutes to some other server far, far, far away saves time and traffic.
What makes you think the data from gwhatever.com necessarily could be efficiently recovered from the address to which the DNS servers route basic google.com traffic?
Because you're not google, then you're technically justified having the information on your website sourced from two different physical locations (one for google's ads, one for your own content), but because google is a single legal entity, then they're not? Even though as a single company, they have to process data in tens of different server farms in different places in the world?
Excuse me, but it seems more likely to me that they know exactly what they're doing based on a very deep understanding of DNS and that you just didn't stop to think before posting.
I would guess that when the traffic is sent to different namedomains, then it's exactly because google may need to split the recovery of the information of the page between very different places and thus need the DNS servers to know that to avoid some back and forth across continents.
Disclaimer: part of my example of explanation may not be relevant since I don't know much about DNS. Still, I think you get the idea and can now apply it correctly with your own understanding of DNS, which is so much better than google's
Maybe, maybe not. Mind that DNS has caching built into it up the yin yang, so it would look more like:
home->(isp recursor)->root->.com(glue records)->ns.google.com for www.google.com
home->(isp recursor) --shortcut due to caching-->ns.google.com for modules.google.com
Compare that to your ``shortcut'' which essentially offloads work on non-google servers for work that google can perfectly well do themselves and we're back to wondering what google is up to. They have more servers that do heavier lifting than serving DNS enough that the difference isn't discernible, except that making good use of ISP's recursors (who would cache gmodules.com too, so no difference for them), would reduce global work and improve user experience. It might be that the ISP recursors have a tendency to suck (they do), but that isn't improved by more domain names; it merely means more work overall.
Having worked as, among other things, a tech company's do-everything-IT-and-then-some janitor, including taking care of a stack of domain names, I can tell you that most of this sort of decision is made by people who haven't a fscking clue. I did indeed need a rather large mallet to keep some of the more idiotic ideas away from the wider internet. This seems to be no different at google, or most any other company, large or small. The only difference between tech company or no tech company is the amount of domains it needs for simple things like a single website.
Remains the question why google saw fit to move their RR PTRs to something entirely different than before.
And at another level, remains the question why we should still entertain hierarchical DNS and the multi-TLD pork-barreling ICANN is there to maintain, if everyone, and I do mean everyone, el reg included, treats it as a flat space (with sometimes extras).
I imagine, like my last three comments on Cade's Google-bashing one track mind, this comment will be refused by the moderator. But here goes anyway:
The first paragraph uses the words "silently", "barely-disguised" and "mystery" to create a sense of wrongdoing but guess what? Google just set up a fucking web address. That's it. It's a web address.
Is Google-bashing for the sake of it going to be a regular feature of the Reg from now on? Because it really might tempt me to give up altogether.
It's a free country, Duncan. I'll only add/reiterate that if you look closely you'll find the Reg bashes almost everyone for the sake of it. It's a bashocracy in here. We spare no one and thus single no one out. If we haven't had a go at someone yet it's because we haven't got round to it, most likely.
... but I look forward to when I can see it blocked. :)
As for "between one million and 10 million servers, spanning “100s to 1000s” of global locations."
Makes me wonder what upper limit, (if any?) they see for themselves?. Just how much information on all of us will be enough to keep Google happy?
"Google" intended their name be "Googol" (the name for an extremely large number) but because of a very juvenile, marginally educated individual misunderstanding the intended name, it was misspelled yielding G-O-O-G-L-E. Sooooo...... in some places they retained the original intended name.
Don't you gurus know this?
"Sean is not an infallible speller, and he made the mistake of searching for the name spelled as "google.com,"
Maybe there is truth in Googol coming fropm googolplex, maybe there is truth in google coming from Googol, maybe there is truth in google being like googol and like 'go lego'!
Anyhoo I still prefer to think of them sitting in front of thier home made 10 drive server box made out of lego... willing it on by saying GoLego GoLegoGoLeGoogLegoogleGoogleGoogle Google...
Im sure there are those out their who like Go Ogle also...
How do you call a blog whose only purpose is to register the self-congratulation of its author (i.e. pretty much all of them)?
Answer: Ego Log
What do you call what is left of somebody amputated by a train?
Answer: Leg goo
What do you say to a witch from the Lancre coven, just after she escaped from a charging bull?
Answer: Olé, Ogg!
What do you call an object from the Microsoft Component Object Model containing an open source codec?
Answer: .ogg OLE
etc. etc. etc.
Google is using its own internal routing system, and data is spilling out of all sorts and any available address on the google network..
Perhaps the [spanner?] system is using the best address for your locality at that time. meaning you get whatever/any address is on the great Gnet. whether that is google.com googlestatic.com 1e100.net etc.. This may be an unintended consequence. (would they admit such?!)
@annoying dns games
I too, think this is how it should be done. maybe google does too? maybe its all errors? maybe its intended to avoid and prevent a single point failure issue with google.com
Microsoft famously thought it was a good idea to put the nameservers for microsoft.com under msft.net. It even had four different nameservers, ns1.msft.net to ns4.msft.net! And then they found out that putting all of them on sequential IP addresses, and likely all in the same facility, wasn't such a hot idea when the connectivity to there went out. Now, well after the debacle, there's five and each is in a wildly different network, hopefully geographically distributed too.
There are many more tricks you can play to ensure redundancy, but if you actually know how the DNS works, you can do it with a single domain and some well-chosen glue records. There is no need whatsoever to put anything in different domains, and worse, there are now multiple points of failure of the same type that might affect "user experience". That is, if using just google.com was a single point of failure (with the right setup it is not), then using gmodules.com and google.com is two single points of failure.
Consider: DNS for gmodules.com works but it doesn't for google.com. gmodules.com is useless without google.com. Or perhaps DNS for google.com works, but it doesn't for gmodules.com. google.com only works halfway; you get funky hangups and frustrating load-time problems trying to use maps.google.com et al. Now in this case gmodules.com is also served by google's name servers (ns[1-4].google.com), meaning an inefficiency in querying offloaded on various non-google servers that otherwise would have been short-cut by the ISP recursors. And so on and so forth for all the extra domains using google.com requires nowadays.
Show me why you think it should be done this way and where you think the advantage is.
This post has been deleted by its author
... I'm going to assert google are right anyway. Why ? because they are google.
There was once a time when IT people used to appreciate the advice of people that were clearly knowledgable and experienced in their area.
However - these days you can leave uni with a comp sci degree and you are a genius in every area.
And then you can defer your critical thinking and leave it to some corporation. This deference was wrong when it was applied to microsoft - and just as wrong when it's applied to google.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
