Update: This story has been updated with comments from Google open source guru Chris DiBona and it has been revised accordingly. Sometime in the middle of October, Google silently launched a new net domain - a barely-disguised doppelgänger to the familiar google.com - and according to the latest stats from the site watchers at …
It is used to identify Google servers
Reverse DNS for Google.com:
$ nslookup google.com
chown@microsoft:~$ nslookup 18.104.22.168
22.214.171.124.in-addr.arpa name = iw-in-f147.1e100.net.
So you could use iw-in-f147.1e100.net to access Google, if you wanted to, to bypass a filter for example.
So you can
That's interesting. Marginally
Isn't that supposed to be 44rd?
Indeed, that URL takes you straight to the Google home page
albeit the "English" version, which has a link to www.google.com/ncr, which is identical bar the lack of the word "English"
only because (you missed a step) DNS A for this name is configured - the above does not mean you can expect this name to point to the same IP...
.... as it should be.
Talk talk have messed up reverse-dns, but I'd never expect google to!
Pre-local apps & pre-updater?
Then what the hell is connecting to these servers? Presumably the Google apps on the user's machine, but why and what are they sending / receiving?
mite reg a new domain
Forgive me if I am wrong (as if... the forgiveness, that is) but I'm sure I remember a time when dot-com (and possibly other) domains weren't allowed to start with a digit. My how things have changed...
Yeah, I remember this too, but as Google have managed to register this domain perhaps it's the registrar (not registry) level that enforces that.
This is still the case - Google is becoming more and more like M$ every day - they can now add "violating the RFCs to suit own own purpose" to the "reasons we're like Microsoft" list.
"The labels must follow the rules for ARPANET host names. They must
start with a letter, end with a letter or digit, and have as interior
characters only letters, digits, and hyphen. There are also some
restrictions on the length. Labels must be 63 characters or less."
(Label is any component of the domain name - e.g. www, google, and com in www.google.com.
speaking of google....
The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal syntax.
3com is the first to come to my mind. Big deal.
annoying dns games
Personally I'm annoyed by this sort of thing. Not the 1e100, but using google.com, gstatic.com, googleapis.com, gmodules.com, gwhateverelsewecameupwithnow.com in a single webpage. What's wrong with static.google.com, apis.google.com, modules.google.com, and so on? It's already free, you already have a dns infrastrucutre where you can slot it in right there, it relieves tld and root servers, and generally uses the system as it is intended.
They're far from the only supposedly tech-savvy company that completely fails to understand how DNS is structured, but the very fact that all those big players including google can't do it, cap'n, means that the DNS itself has essentially failes because even the tech savvy are too stupid to understand it.
We could move to a glorified NETBIOS flat space and it'd make no discernible difference, minus the endless quibling about who is to get new TLD golden geese. Do us a favour, ICANN, and drop the pork barreling. We can live very well without those leeches at verisign, thank you. Go flat space.
Re: annoying dns games
"using google.com, gstatic.com, googleapis.com, gmodules.com, gwhateverelsewecameupwithnow.com in a single webpage"
I agree. What we need is for a major browser to start flagging this up as a soft error.
Imagine if browsers greyed out those parts of the page that were from a different domain. The immediate casualties would be ads. (The feature might even be popular, since most users would probably reckon that "greying out ads" was a usability feature worth upgrading for.) Also on the hit list would be sites that were stealing bandwidth, or trying to impersonate another site, or sites that just don't understand DNS (in the manner you describe).
There is a precedent. I believe at least some browsers will object to mixing http and https on the same page.
@AC and your "annoying DNS games"
I'm just wondering. Who exactly are you to utter something so arrogant as "supposedly tech-savvy company that completely fails to understand how DNS is structured"?
I'm no google fanboy, but clearly, one has to be both incredibly arrogant AND stupid to utter something like this.
I don't know how good google is and how much they understand of DNS, but clearly, they have combined experience in it that you couldn't get in ten thousand years, AND, as the almost only company who represents a large portion of all the web traffic in the world, have a very clear and immediate interest in having it work.
That would only be stupid if you had said this outside of any context, but as a post in an article clearly says that all types of google traffic use 1e100.net, that shows, in addition to stupidity, an inability to read (though, admittedly, you mention that your gripe is not about the topioc of the article, but about something else entirely).
concurrent connections to a host
Re: annoying DNS games
I believe that it's also used to avoid cross-site scripting problems, by preventing anything 'user-generated' from being served from the same domains as handle web-site authentication, etc.
(It's a hack to work around the hacks in web browsers that decide whether something is 'same domain' or not.)
When you say 'domain', I hope you mean don't mean the whole thing complete with subdomain.
Having different addresses is a very easy way to load balance. For instance, you'd have a powerful server running the cgi scripts, and one with high bandwidth for serving images, for example.
>concurrent connections to a host
But you would put them in the same domain.
The problem with this is that I don't want my browser downloading content from different domains on the same page.
Specifically if I'm reading a story from the reg i don't want anything from x10 or spam_adserver.com, more importantly if I think i'm on my bank's site because the logo is served from rbs.com I want to block the rest of the page if it is coming from dodgy_nigerian_scammer.com
If google start doing this nobody is going to be able to use simple adblockers - which is presumably what the worlds biggest ad server is aiming at
Re: @AC and your "annoying DNS games"
Kudos to call me arrorgant and stupid a couple of times, but completely failing to make a contextual argument why this would be so, and apparently failing to understand what I was saying completely. I say they didn't understand DNS, you say they have 10000+ years of combined experience running DNS, yet you don't show how they don't fail. What sort of counter-argument is that? What would be their well-reasoned argument against, other than 10000+ combined years of corporate stupidity?
Please do explain, I'd like to know.
To eludiate at least one part that you didn't grasp, they could equally well have used whatever.1e100.google.com as reverse. No need to register yet another domain, of which they publicly use too many already. So, if even the tech giants cannot master the simple idea of hierarchical naming, then it makes no sense to keep it and the complexity needed to keep that part of DNS going. Since the service DNS offers is rather vital to the internet, robustness and scaleability is important, and reducing complexity makes it easier to ensure the other two. So that's a good technical reason along with the political one mentioned earlier to go flat space.
@James R Grinter: Security boundaries
Similarly, it ensures that cookies are kept separate, allowing Google to say that, although they could link everything up, they don’t.
The domain name doubleclick.net could be replaced with tracking.google.com, and google-analytics.com with more-tracking.google.com.
Oh look I forgot a title
I thought I would try the UK version:
---- dos ---------
Addresses: 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11 18.104.22.168, 22.214.171.124
---- /dos ---------
hmm - way in? probably not - just a random name I guess.
Still - a quick tracert gives two different last routers before the trace ends.
10 7 ms 7 ms 7 ms 126.96.36.199
11 16 ms 15 ms 17 ms 188.8.131.52
12 7 ms 7 ms 7 ms wy-in-f106.1e100.net [184.108.40.206]
10 7 ms 7 ms 6 ms 220.127.116.11
11 20 ms 16 ms 17 ms 18.104.22.168
12 7 ms 7 ms 7 ms wy-in-f106.1e100.net [22.214.171.124]
getting bored with this now, and I'm sure people will post similar.
The question is what happens if we try and block this behaviour? Does it matter? Should we start complaining about transparancy and seeking a proper explanation for this - after all if I'm pinging www.google.co.uk do i care if wy-in-f106.1e100.net responds?
1e100 != 10^100
I'm pretty sure.
E = 10^
On graphics/scientific calculators, they display 10 to the power of as E.
So, on a graphics calculator, 1e100 would be equal to the long-hand 1 x 10^100.
Do these guys know what they yammer about?
"Sean verbally suggested the word 'googolplex' [a one followed by a googol zeros], and Larry responded verbally with the shortened form, 'googol'..."
'Googol' is not a shortened form of 'googolplex'. A googol is 1 with 100 zeros after it while a googolplex is 1 with a googol zeros after it. (It's also a multiplex movie theatre in Springfield, on the Simpsons.)
On our network I also noticed a lot of seemingly API traffic going through Google.NL recently
I only hope...
that Google has also registered le100.net 1el00.net, 1e1oo.net and the like, otherwise they have created a massive opportunity for the domain spoofers out there.
1e100.net: created by Google on 2009-09-24.
1e1oo.net: created on 2010-02-04.
1el00.net: created on 2010-02-08.
le100.net: created on 2009-11-21.
leloo.net: created on 2008-03-30.
So, looking at those dates, three of those are potentially scammer domains, and one very likely isn't.
The other eleven possibilities (discounting non-ASCII, which I've not checked) are all, as yet, unregistered…
It's really _really_ simple
It's the domain used in the PTR records in the rDNS of Google's many IPs.
That's why it's showing up.
Really, it's no more complicated than that.
@AC and about google being so much dumber than he is
I would venture an explanation, just to show there might be reasons you never stopped to think about. It may well be a stupid explanation, as I know nothing about the topic, but nonetheless it should remind you that if *I* am clueless on this, maybe if you stopped being full of it, you could start considering the fact google may have reasons you haven't thought of.
Home->DNS server-> main Google servers->modules.google.com servers
Home->DNS Server->gmodules.com servers
Do you see a difference? Yes, one less table to check to route the traffic, one less server to go through, possibly one less rerouting to the other side of the world to do.
Basically, ask yourself why the second one is good enough for google ads (which are not, I would guess, labeled googleads.anonymouscoward.com when they're seen on your website). Might it be because it would be pointless as you would then have to route the request to another completely different place in the world (google servers instead of your own) and wait for the reply (more traffic, more delay)?
Assuming google has sufficient traffic to locate parts of it to specific places in its portfolio of server farms (do you want to declare that you think they don't???), then targeting gmodules.com directly rather than google.com which then reroutes to some other server far, far, far away saves time and traffic.
What makes you think the data from gwhatever.com necessarily could be efficiently recovered from the address to which the DNS servers route basic google.com traffic?
Because you're not google, then you're technically justified having the information on your website sourced from two different physical locations (one for google's ads, one for your own content), but because google is a single legal entity, then they're not? Even though as a single company, they have to process data in tens of different server farms in different places in the world?
Excuse me, but it seems more likely to me that they know exactly what they're doing based on a very deep understanding of DNS and that you just didn't stop to think before posting.
I would guess that when the traffic is sent to different namedomains, then it's exactly because google may need to split the recovery of the information of the page between very different places and thus need the DNS servers to know that to avoid some back and forth across continents.
Disclaimer: part of my example of explanation may not be relevant since I don't know much about DNS. Still, I think you get the idea and can now apply it correctly with your own understanding of DNS, which is so much better than google's
I didn't think?
Maybe, maybe not. Mind that DNS has caching built into it up the yin yang, so it would look more like:
home->(isp recursor)->root->.com(glue records)->ns.google.com for www.google.com
home->(isp recursor) --shortcut due to caching-->ns.google.com for modules.google.com
Compare that to your ``shortcut'' which essentially offloads work on non-google servers for work that google can perfectly well do themselves and we're back to wondering what google is up to. They have more servers that do heavier lifting than serving DNS enough that the difference isn't discernible, except that making good use of ISP's recursors (who would cache gmodules.com too, so no difference for them), would reduce global work and improve user experience. It might be that the ISP recursors have a tendency to suck (they do), but that isn't improved by more domain names; it merely means more work overall.
Having worked as, among other things, a tech company's do-everything-IT-and-then-some janitor, including taking care of a stack of domain names, I can tell you that most of this sort of decision is made by people who haven't a fscking clue. I did indeed need a rather large mallet to keep some of the more idiotic ideas away from the wider internet. This seems to be no different at google, or most any other company, large or small. The only difference between tech company or no tech company is the amount of domains it needs for simple things like a single website.
Remains the question why google saw fit to move their RR PTRs to something entirely different than before.
And at another level, remains the question why we should still entertain hierarchical DNS and the multi-TLD pork-barreling ICANN is there to maintain, if everyone, and I do mean everyone, el reg included, treats it as a flat space (with sometimes extras).
"as I know nothing about the topic"
Whenever people who know nothing about the topic keep their mouths shut, the world's net happiness increases by a little bit. Do your part in making the world a better place!
More of the same
I imagine, like my last three comments on Cade's Google-bashing one track mind, this comment will be refused by the moderator. But here goes anyway:
The first paragraph uses the words "silently", "barely-disguised" and "mystery" to create a sense of wrongdoing but guess what? Google just set up a fucking web address. That's it. It's a web address.
Is Google-bashing for the sake of it going to be a regular feature of the Reg from now on? Because it really might tempt me to give up altogether.
Re: More of the same
It's a free country, Duncan. I'll only add/reiterate that if you look closely you'll find the Reg bashes almost everyone for the sake of it. It's a bashocracy in here. We spare no one and thus single no one out. If we haven't had a go at someone yet it's because we haven't got round to it, most likely.
Having a comment rejected on The Register should be seen as a badge of honour... Sort of like ASBOs for chavs.
I've had one rejected, which was quite mild, and felt very proud.
P.S. It's cheating if you intentionally try and get a message rejected.
Oh yes, please
Please, please bash me, Moderatrix...
Chickening out with AC
Chickening out with AC?
The Moderatrix can see through your AC mask, even if we mere mortals can't...
That's me spanked.
I haven't seen 1e100.net in NoScript yet...
... but I look forward to when I can see it blocked. :)
As for "between one million and 10 million servers, spanning “100s to 1000s” of global locations."
Makes me wonder what upper limit, (if any?) they see for themselves?. Just how much information on all of us will be enough to keep Google happy?
I imagine they're aiming at 1 bit per atom.
What the title said!
"Google" intended their name be "Googol" (the name for an extremely large number) but because of a very juvenile, marginally educated individual misunderstanding the intended name, it was misspelled yielding G-O-O-G-L-E. Sooooo...... in some places they retained the original intended name.
Don't you gurus know this?
"Sean is not an infallible speller, and he made the mistake of searching for the name spelled as "google.com,"
Maybe there is truth in Googol coming fropm googolplex, maybe there is truth in google coming from Googol, maybe there is truth in google being like googol and like 'go lego'!
Anyhoo I still prefer to think of them sitting in front of thier home made 10 drive server box made out of lego... willing it on by saying GoLego GoLegoGoLeGoogLegoogleGoogleGoogle Google...
Im sure there are those out their who like Go Ogle also...
We should do riddles about this
How do you call a blog whose only purpose is to register the self-congratulation of its author (i.e. pretty much all of them)?
Answer: Ego Log
What do you call what is left of somebody amputated by a train?
Answer: Leg goo
What do you say to a witch from the Lancre coven, just after she escaped from a charging bull?
Answer: Olé, Ogg!
What do you call an object from the Microsoft Component Object Model containing an open source codec?
Answer: .ogg OLE
etc. etc. etc.
They were playing pocket billiards.
Google is using its own internal routing system, and data is spilling out of all sorts and any available address on the google network..
Perhaps the [spanner?] system is using the best address for your locality at that time. meaning you get whatever/any address is on the great Gnet. whether that is google.com googlestatic.com 1e100.net etc.. This may be an unintended consequence. (would they admit such?!)
@annoying dns games
I too, think this is how it should be done. maybe google does too? maybe its all errors? maybe its intended to avoid and prevent a single point failure issue with google.com
And why, pray tell, do you think that?
Microsoft famously thought it was a good idea to put the nameservers for microsoft.com under msft.net. It even had four different nameservers, ns1.msft.net to ns4.msft.net! And then they found out that putting all of them on sequential IP addresses, and likely all in the same facility, wasn't such a hot idea when the connectivity to there went out. Now, well after the debacle, there's five and each is in a wildly different network, hopefully geographically distributed too.
There are many more tricks you can play to ensure redundancy, but if you actually know how the DNS works, you can do it with a single domain and some well-chosen glue records. There is no need whatsoever to put anything in different domains, and worse, there are now multiple points of failure of the same type that might affect "user experience". That is, if using just google.com was a single point of failure (with the right setup it is not), then using gmodules.com and google.com is two single points of failure.
Consider: DNS for gmodules.com works but it doesn't for google.com. gmodules.com is useless without google.com. Or perhaps DNS for google.com works, but it doesn't for gmodules.com. google.com only works halfway; you get funky hangups and frustrating load-time problems trying to use maps.google.com et al. Now in this case gmodules.com is also served by google's name servers (ns[1-4].google.com), meaning an inefficiency in querying offloaded on various non-google servers that otherwise would have been short-cut by the ISP recursors. And so on and so forth for all the extra domains using google.com requires nowadays.
Show me why you think it should be done this way and where you think the advantage is.
maybe they got their name because ..
.. googol.com was already registered, 2 years previously, by what looks like a squatter (who probably thought they were going to land squillions when the boys' little idea took off).
I don't know about DNS but ...
... I'm going to assert google are right anyway. Why ? because they are google.
There was once a time when IT people used to appreciate the advice of people that were clearly knowledgable and experienced in their area.
However - these days you can leave uni with a comp sci degree and you are a genius in every area.
And then you can defer your critical thinking and leave it to some corporation. This deference was wrong when it was applied to microsoft - and just as wrong when it's applied to google.
Google's response is on slashdot
- JLaw, Kate Upton exposed in celeb nude pics hack
- Google flushes out users of old browsers by serving up CLUNKY, AGED version of search
- GCHQ protesters stick it to British spooks ... by drinking urine
- China: You, Microsoft. Office-Windows 'compatibility'. You have 20 days to explain
- Something for the Weekend, Sir? If you think 3D printing is just firing blanks, just you wait