How to Expand Your Global Reach Into China
Special Considerations for Your Internet Presence in China
Andrew Sullivan / Director of Architecture, Dyn
Steven Ryder / Director of Platform Operations, C3Edge
October 22, 2014
/ 2
WHY LOCATE IN CHINA?
IT’S A BIG MARKET!
• Enormous population
• Increasing prosperity
§ Lots of consumers
§ Appetite for luxury goods
/ 3
SO WHAT?
THERE ARE UNUSUAL TECHNICAL CONSIDERATIONS
• Serving from elsewhere not a great strategy
§ Appearance of outages
• Latency and foreign experiences are both killers
/ 4 / 4
SOME CHALLENGES TO DISCUSS
/ 5
GLOBAL + CHINA
WHAT WORKS PERFECTLY OUTSIDE CHINA, MAY NOT WORK AT ALL ON THE MAINLAND
• fonts.googleapis.com
• NYTimes.com
• embedded YouTube videos
• many more
/ 6
CONGESTION
INTERNATIONAL INTERNET GATEWAYS TO US & EUROPE ARE OVERLOADED
• long routes
• frequent packet loss
• low transfer rates
/ 7
DNS FAILURES
UNREACHABLE FOREIGN NAME SERVERS (DNS) & LOW TTLS ARE MAJOR SOURCES OF OUTAGES
• Keeping traffic local is critical
• DNS is fundamental to everything
/ 8
GREAT FIREWALL
THIS IS NOT LIKE THE FIREWALL IN YOUR OFFICE
• Not “inside” and “outside”
• No “DMZ”
• DNS and IPs can be blocked in China (including entire TLDs)
§ Once blocked, there is no public address to ask why!
§ Partners with Government Affairs Departments provide value here
/ 9
UNEXPECTED OUTCOMES
BANNED CONTENT IN ONE PAGE CAN AFFECT YOUR ENTIRE SITE
• User-generated content could be the trigger
/ 10 / 10
THINGS WE’VE HEARD CUSTOMERS SAY
/ 11
AFTER I’VE TRANSLATED, I’M GOOD TO GO!
APPEALING TO THE CHINESE MARKET IS NOT JUST ABOUT CHINESE LANGUAGE AND CHARACTERS
• Site layouts and preferences vary
• Long pages are common
• Payment methods are different
/ 12
I CAN USE THE DNS I HAVE
IF YOUR DNS PROVIDER HAS NO PRESENCE IN CHINA, YOU MIGHT NOT EITHER
• If the DNS lookup fails, nobody can find you
• DNS lookup from inside China to outside fails frequently
• The name cn.example.com probably just uses the same example.com name servers
/ 13
I’M IN HONG KONG. I’LL JUST USE THAT
HONG KONG IS A SPECIAL PLACE
• HK data centers peer with carriers all over the world
§ Multi-carrier connectivity not standard
§ In-China experience dependent on user’s ISP
• The Great Firewall does not include HK
• Bandwidth from HK to China is expensive § $80+/Mbps not uncommon!
/ 14
I DON’T NEED AN ICP LICENSE
EVEN IF YOU ARE DOING MARKETING OF OFF-LINE PRODUCTS, AN INTERNET CONTENT PROVIDER (ICP) LICENSE IS REQUIRED
• Formal requirement for every site since July 2014
• No exceptions
• If you don’t get one, hosting and CDN companies will not be able to deliver your content in country
• Issued by Ministry of Industry and Information Technology (MIIT)
/ 15 / 15
IT’S NOT JUST THE GREAT FIREWALL
/ 16
THE GREAT FIREWALL IS IMPORTANT
LOCAL POLICIES AFFECT WHAT YOU CAN DO, JUST LIKE EVERYWHERE ELSE ON THE INTERNET
• URLs containing banned keywords will get TCP Reset
§ Breaks the site
• Pages with banned content may be blocked
§ Included content can time out (e.g. missing CSS file breaks page layout)
§ Embedded objects (e.g. YouTube videos) can fail
/ 17
TUNNELS WON’T HELP YOU
BACKHAUL TRAFFIC TO FOREIGN LOCATIONS ARE STILL SUBJECT TO THE GREAT FIREWALL
• IPSec, GRE tunnels, or VPNs to foreign origins are illegal in Mainland China
• Traffic may be blocked & ICP license revoked
• Using dedicated China names can help
§ Suggestion is to use .cn top-level domain
§ Avoid dependence on foreign (NS) Name Servers
/ 18
NETWORK TOPOLOGY IS CHALLENGING
CHINA IS NEXT TO THE “RING OF FIRE”
• Fiber routinely breaks
• Connections to Singapore and Japan are severed
/ 19
THE GREAT FIREWALL ISN’T THE GREAT PROBLEM
POLICY IS NOT THE ONLY OR MAIN SOURCE OF ISSUES.
• Congestion and packet loss to overseas networks
• Long routes and round trip times
• Server and infrastructure failures
• Browser compatibility and content problems
/ 20
CHINA IS A BIG PLACE
Mainland China is almost the same size as the US. Nobody thinks having one data center in the US is good enough for the whole country.
/ 21
YOUR COMPETITORS MIGHT HAVE AN ADVANTAGE
IF YOU’RE NOT IN CHINA AND YOUR COMPETITOR IS, YOUR POTENTIAL CUSTOMERS HAVE A WORSE EXPERIENCE WITH YOU
• The interior network is fast, though often congested
• If your traffic has to be served internationally, the latency is immediately visible § And sometimes, everything is just broken
• You can’t reach Chinese customers if they can’t reach you
/ 22
USE A REGIONAL STRATEGY
DIFFERENT PARTS OF YOUR INFRASTRUCTURE MIGHT NEED DIFFERENT TREATMENT
• Host DNS and GSLB in Mainland China
§ Optimize your local service delivery
• Consider hosting shared or global content nearby
§ Both HK and Taiwan avoid most cut fiber related outages
§ Network latency is greatly reduced
• Separate .cn domain names provide flexibility
/ 23 / 23
PRACTICAL STEPS TO TAKE
/ 24
MEASURE & QUANTIFY
• Measure your services from inside China § On every major carrier:
• Telecom (CT)
• Unicom (CU/CNC)
• Mobile (CMCC)
• Review all channels and sub-domains
§ Look beyond your single “www” homepage
• Identify hosting locations by checking IPs
§ Use dig and traceroute for reliable results
/ 25
CREATE A CHINA FOCUS TEAM
• Form an internal focus team to specialize on performance and availability in China
• Find partners to help
/ 26
SPECIFIC THINGS THE TEAM SHOULD EXAMINE
• DNS Name Server (NS) availability
• Page and service availability
• Response Times (timeouts and slow-loading)
• Browser Response Headers
§ All content, especially anything cacheable
All from within Mainland China, from multiple cities, and all major ISPs.
/ 27
OTHER THINGS THE TEAM SHOULD DO UP FRONT
• Increase your DNS TTLs § 600 seconds as a default minimum
• Extend HTTP Server keep-alive § 10-15 seconds time out value
§ Allow longer overall page load times
• Define a China-specific architecture
§ Identify what’s foreign hosted today
/ 28
DON’T FORGET TO STUDY COMPETITORS
OTHERS HAVE ALREADY LEARNED FROM EXPERIENCE. DON’T NEGLECT THAT.
• Study competitors’ deployments
§ See what’s working (or failing)
• Consult with China deployment experts
§ Seek advice specific to your particular case
• Separate your China and Global services § Avoid collateral damage and unexpected outcomes
/ 29
INTERNET PERFORMANCE. DELIVERED.
THANK YOU!
Top Related