I’ve noticed that since launch, Cloudflare will often return records for distant CloudFront edges, even when querying a local 188.8.131.52 edge.
This is a painful interaction for a CDN product that is supposed to reduce global latency.
I believe that it is a Cloudflare issue because other recursive resolvers, and the identity.cloudfront.net resolver, do not seem to ever suffer from this degradation:
2018/08/27 21:43:52 [resolver=184.108.40.206:53,msgId=61668,host=220.127.116.11,rtt=220.251322ms]
2018/08/27 21:43:53 [resolver=18.104.22.168:53,msgId=8640,host=22.214.171.124,rtt=55.775511ms]
2018/08/27 21:43:53 [resolver=identity.cloudfront.net:53,msgId=33957,host=126.96.36.199,rtt=47.597676ms]
(RTT measured by TCP open to one of the A RRs; this example was from the “MEL” Cloudflare resolver.)
I’m currently running a longer-term test to figure out how often this happens, but it’s often enough to be annoying. It seems to affect all CloudFront domains (e.g. all of the Atlassian sites).
CloudFront uses DNS rather than Anycast to select the closest edge. It’s not clear to me exactly how this is interacting with Cloudflare, but they definitely support EDNS and this shouldn’t be happening.
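An added example, not part of the original post or the poster's own tool: a parser for the log format shown above that tallies, per resolver, how often the edge it returned was far slower than the best edge seen in the same round of measurements. The function names, the 2x / 20 ms thresholds and the rule that a round ends when a resolver repeats are assumptions; the sample input is the three entries from the post.

```python
import re
from collections import defaultdict

# The three entries from the post, run together on purpose to show the parser copes.
SAMPLE = (
    "2018/08/27 21:43:52 [resolver=184.108.40.206:53,msgId=61668,host=220.127.116.11,rtt=220.251322ms] "
    "2018/08/27 21:43:53 [resolver=18.104.22.168:53,msgId=8640,host=22.214.171.124,rtt=55.775511ms] "
    "2018/08/27 21:43:53 [resolver=identity.cloudfront.net:53,msgId=33957,host=126.96.36.199,rtt=47.597676ms]"
)

ENTRY = re.compile(
    r"(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) "
    r"\[resolver=(?P<resolver>[^,\]]+),msgId=(?P<msg_id>\d+),"
    r"host=(?P<host>[^,\]]+),rtt=(?P<rtt>\d+(?:\.\d+)?)(?P<unit>µs|us|ms|s)\]"
)
TO_MS = {"µs": 0.001, "us": 0.001, "ms": 1.0, "s": 1000.0}

def parse(text):
    """Return one dict per entry, whether entries are one per line or run together."""
    return [
        {"ts": m["ts"], "resolver": m["resolver"], "host": m["host"],
         "rtt_ms": float(m["rtt"]) * TO_MS[m["unit"]]}
        for m in ENTRY.finditer(text)
    ]

def rounds(entries):
    """Split entries into rounds. Assumption: a round ends when a resolver repeats."""
    current, seen = [], set()
    for e in entries:
        if e["resolver"] in seen:
            yield current
            current, seen = [], set()
        current.append(e)
        seen.add(e["resolver"])
    if current:
        yield current

def distant_rate(entries, factor=2.0, min_gap_ms=20.0):
    """Per resolver: (rounds where its edge was far slower than the best, rounds seen)."""
    stats = defaultdict(lambda: [0, 0])
    for rnd in rounds(entries):
        best = min(e["rtt_ms"] for e in rnd)
        for e in rnd:
            # Assumed thresholds: slower than factor x best AND by more than min_gap_ms.
            slow = e["rtt_ms"] > factor * best and e["rtt_ms"] - best > min_gap_ms
            stats[e["resolver"]][0] += slow
            stats[e["resolver"]][1] += 1
    return {r: tuple(v) for r, v in stats.items()}
```

Calling `distant_rate(parse(log_text))` on a longer capture gives the per-resolver frequency that the longer-term test is after.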