I am told that there are two major (only?) ISP in China - China Telecom (CT) and China Unicom (CU) - and that traffic routed between the two is really slow, almost as bad as traffic that has to cross the Great Firewall. To work around this problem, you (as a web site operator in China) are supposed to get two external IP addresses for your web site, one for each provider.
Feel free to comment on if that is really necessary, but if it is, how would one implement the proper routing for this? Put both IP addresses into DNS for the same host name and let the client somehow figure out which one is better? Separate host names?
I am living in China and can confirm what you are saying.
Most big chinese internet portals like qq.com or baidu.com really have connections to both big ISPs and then route your traffic through one or the other depending on your internet connection.
I don't know how they do it, but i can see that depending on where I am the DNS record qq.com (one of china's biggest portals) resolves into different IP addresses:
My home connection:
My office connection:
And if i check the
whoisrecords of these different IPs I can see that they belong to different providers.So I'm guessing this mechanism is somehow implemented in their DNS. But i also don't know the details about how to do it.
Routing multiple IPs is fairly simple, it's a breeze with PBR, you create separate routing tables with iproute2, add rules that traffic coming through or originating from that IP are re-routed out through the same interface. As for the multiple IP addresses via DNS, you'd just need to set up views in BIND, making an ACL for users from ISP1 and one for users from ISP2, then have the BIND server respond with the correct IP for that netblock..
It seems to me that DNS is only part (and maybe the lesser part) of the solution, as it deals with incoming traffic. The responses are usually much larger than the requests, so you should probably have some routing tables installed on your servers to send the outgoing traffic through the right network adapter as well.
Update: Apparently, some hosting providers offer "BGP connections", which get rid of this problem, by routing a single IP address directly through gateways through all providers.