Home page logo

nanog logo nanog mailing list archives

Re: Reliable Cloud host ?
From: Jared Mauch <jared () puck nether net>
Date: Mon, 27 Feb 2012 12:09:21 -0500

On Feb 27, 2012, at 10:28 AM, William Herrin wrote:

On Mon, Feb 27, 2012 at 9:39 AM, Jared Mauch <jared () puck nether net> wrote:
Is the DNS service authoritative or recursive?  If auth, you can
solve this a few ways, either by giving the DNS name people
point to multiple AAAA (and A) records pointing at a diverse
set of instances.  DNS is designed to work around a host
being down.  Same goes for MX and several other services.
While it may make the service slightly slower, it's certainly
not the end of the world.

Hi Jared,

How DNS is designed to work and how it actually works is not the same.
Look up "DNS Pinning" for example. For most kinds of DR you need IP
level failover where the IP address is rerouted to the available site.

If you want a system with 0 loss and 0 delay, start building your private network.

I'm never claimed your response would be perfect, but it will certainly work well enough to avoid major problems.  Or 
you can pay someone to do it for you.  I'm not sure what a DNS hosted solution costs, and I'm geeky and run my own DNS 
on beta/RC quality software as well ;).

What I do know is that my domain hasn't disappeared from the net wholesale as the name servers are "diverse-enough".

Is DNS performance important?  Sure.  Should everyone set their TTL to 30?  No.  Reaching a high percentage of the 
internet doesn't require such a high SLA.  Note, I didn't say reaching the top sites.  While super-old, 
http://www.zooknic.com/Domains/counts.html says > 111m named sites in a few gTLDs.  I'm sure there are better stats, 
but most of them don't need the same dns infrastructure that a google, bing, Facebook, etc require.

If your DNS fits on a VM in someone else's "cloud", you likely won't notice the difference.  A few extra NS records 
will likely do the right thing and go unnoticed.

- Jared

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]