Cartika Blog

How AnyCast DNS Helps Keep Sites Fast And Available

The first time a user visits your site, it’s likely that they won’t have a DNS mapping for your IP stored in their browser cache, and it’s possible their ISP doesn’t have a result cached either. For many of your visitors, the Domain Name System will have to retrieve and return the DNS record from the authoritative server for your domain. That takes time, and since DNS is such a fundamental part of how the Internet works, we want to keep the amount of time it takes to a minimum. There’s no point having a well-optimized site on great hosting if it takes several seconds for your browser to find out where it should be sending requests.

One of the major causes of DNS latency is distance. If the authoritative DNS server is in Toronto and the user is in Paris, the round-trip time can be significant. The user will be sitting twiddling their thumbs before the page ever starts to load.

Having one DNS server in one data center introduces another problem. If that server goes down — as servers are wont to do — users will not be able to reach the site at all. The site will still be up and running, but no one else on the web will be able to find it.

AnyCast DNS neatly solves both of these problems. If you’re familiar with how a content distribution network works, then AnyCast DNS will be easy to understand. In traditional Unicast DNS, there is one server with one IP. All requests for the DNS records of a site will end up at that server (assuming they aren’t cached somewhere along the way). AnyCast DNS also has one IP address, but it is shared by multiple servers placed around the globe that hold the same records. Packets are routed to the closest server. Rather than a DNS request having to go from Paris to Toronto and back, it’ll probably end up in a Paris data center that contains a copy of the DNS records.

You can probably see how this solves our second problem too. If the DNS server in the Toronto data center goes down, the network will stop routing requests to it; instead, they’ll be sent to the next closest server. When the Toronto server comes back up, it’ll be slotted back into the network.

AnyCast DNS helps the network withstand unplanned failures, but it’s also a powerful way to mitigate Distributed Denial Of Service attacks. DDoS attacks use botnets and other methods to bombard a server or range of servers with so much data that they can’t cope. Because each AnyCast IP is served by many servers rather than one, the attack data is distributed between many servers in many data centers, making it difficult for the attacker to focus enough data on one point to have the desired effect.

The Cartika AnyCast DNS helps your sites and applications perform better and avoid downtime.

Image: Flickr/NASA Goddard Photo And Video
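The routing, failover and DDoS behaviour described in this post can be modelled in a few lines. This is an added example, not Cartika's code: the sites, round-trip times, capacities and query rates are all constructed, and "closest" is approximated by lowest RTT, whereas real networks pick a site by route selection that only roughly tracks latency.

```python
# Constructed round-trip times (ms) from each client region to each DNS site.
RTT_MS = {
    "paris":   {"toronto": 95,  "paris": 4,   "singapore": 160},
    "toronto": {"toronto": 3,   "paris": 95,  "singapore": 220},
    "sydney":  {"toronto": 210, "paris": 280, "singapore": 95},
}
# Constructed per-site capacity in queries per second.
CAPACITY_QPS = {"toronto": 50_000, "paris": 50_000, "singapore": 50_000}
ALL_SITES = set(CAPACITY_QPS)


def route(region, healthy):
    """Site answering this region: the nearest one still serving the shared IP."""
    candidates = {s: rtt for s, rtt in RTT_MS[region].items() if s in healthy}
    return min(candidates, key=candidates.get) if candidates else None


def load_per_site(qps_by_region, healthy):
    """Sum the query rate landing on each healthy site (its catchment)."""
    load = {site: 0 for site in healthy}
    for region, qps in qps_by_region.items():
        site = route(region, healthy)
        if site is not None:
            load[site] += qps
    return load


def overloaded(load):
    """Sites receiving more queries than they can answer."""
    return sorted(s for s, qps in load.items() if qps > CAPACITY_QPS[s])


if __name__ == "__main__":
    unicast = {"toronto"}  # one server, one location
    print("Paris client, unicast:", route("paris", unicast))
    print("Paris client, anycast:", route("paris", ALL_SITES))
    # Toronto site fails: its clients are served by the next closest site.
    print("Toronto client, Toronto down:", route("toronto", ALL_SITES - {"toronto"}))

    # Flood sources spread across regions vs. concentrated in one region.
    spread = {"paris": 40_000, "toronto": 40_000, "sydney": 40_000}
    concentrated = {"sydney": 120_000}
    print("spread, unicast:", overloaded(load_per_site(spread, unicast)))
    print("spread, anycast:", overloaded(load_per_site(spread, ALL_SITES)))
    print("concentrated, anycast:", overloaded(load_per_site(concentrated, ALL_SITES)))
```

The last case shows the limit of the dilution effect: traffic is split by where it enters the network, so a flood sourced mostly from one region can still saturate that region's site while the other sites keep answering.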