Welcome to the New DNS: Five Elements to Incorporate Now
February 11, 2016
Featured article by Shannon Weyrick, Director of Engineering for NS1
In a world marked by rapid change and record-breaking firsts, one of the more fundamental changes in the recent history of computing is that applications are now distributed by default. This has become possible through the widespread availability of globally distributed cloud computing providers, Infrastructure-as-a-Service (IaaS) and deployment automation. These and other modern server tools have slashed the expense and complexity traditionally involved in deploying applications and have improved performance and uptime in decentralized environments.
Taking Another Look at DNS
Though impressive advancements have been made from the application and infrastructure side regarding distributing applications, the tools website operators have at their disposal to effectively route traffic to their newly distributed applications haven’t kept pace. Your app is distributed, but how do you get your users to the right points of presence (POPs)?
These days, traffic management requires pricey and productivity-hampering networking techniques like BGP anycasting, capex-heavy hardware appliances with global load balancing add-ons, or a third-party managed DNS platform.
Because DNS is the gateway to almost every application and website on the Internet, it is a great place to enact traffic management policies. However, the capabilities of most managed DNS platforms are severely limited because they were not designed with today’s applications in mind. For instance, most managed DNS platforms are built using off-the-shelf software like BIND or PowerDNS, onto which features like monitoring and geo-IP databases are grafted.
The need has been real, but expectations for DNS platforms have been low. A best-in-class model has been expected to do two things with regard to traffic management: first, it wouldn’t send users to a server that was down, and second, it would try to return the IP address of the server that’s closest to the end user making the request.
While technically accurate, this second function leaves tremendous room for improvement. It’s akin to using a GPS unit from 1999 to get to a gas station: it can give you the location of one that’s close by and may be open according to its Yellow Pages listing, but that’s about it. Maybe there is roadwork or congestion on the one route you can take to get there. Maybe the gas station is out of diesel, or perhaps they’re open but backed up with lines stretching down the block. Perhaps a gas station that’s a bit farther away would have been a better choice?
This is essentially the real-world equivalent of what high-performing Internet properties face, and their routing needs go far beyond proximity and a binary notion of “up/down.” Does the data center have excess capacity? What’s traffic like getting there – is there a fiber cut or congestion to a particular ISP we should route around? Are there any data privacy or protection protocols we need to take into account?
DNS Gets a Makeover
To deliver applications today, a new kind of DNS traffic management is needed. Next-gen DNS platforms have been built from the ground up with traffic management at their core, bringing to market exciting capabilities and innovative new tools that allow businesses to enact traffic management in ways that were previously impossible.
When it’s time to find that platform, here are five elements to look for:
1. Endpoint monitoring: Make sure that the platform can constantly monitor endpoints from the vantage point of the end user and then send those coming from each network to the endpoint that will service them best.
2. Handling spikes: Find solutions with the ability to use scalable infrastructure to handle planned or unplanned traffic spikes. If your primary colocation environment is becoming overloaded, make sure you are able to dynamically send new traffic to another environment according to your business rules, whether it’s AWS, the next nearest facility or a DR/failover site.
3. Modern routing: Geofencing can ensure users in the EU are only serviced by EU datacenters, for instance, while ASN fencing can make sure all users on China Telecom are served by Chinacache. Using IP fencing will make sure local-printer.company.com automatically returns the IP of your local printer, regardless of which office an employee is visiting. Look for solutions that route users based on their ISP, ASN, IP prefix or geographical location.
4. Load shedding: Automatically adjusting the flow of traffic to network endpoints, in real time, based on telemetry coming from endpoints or applications, can help prevent overloading a datacenter without taking it offline entirely and seamlessly route users to the next nearest datacenter with excess capacity.
5. Make the rules: Look for solutions that use filters with weights, priorities and even stickiness by enacting business rules to meet your applications’ needs. Distribute traffic in accordance with commits and capacity. Combine weighted load balancing with sticky sessions (e.g. session affinity) to adjust the ratio of traffic distributed among a group of servers while ensuring that returning users continue to be directed to the same endpoint.
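To make elements 3 through 5 concrete, here is a sketch of a per-query filter chain, added as an illustration and not taken from NS1 or any DNS platform. All endpoint names, addresses, thresholds and function names are hypothetical; the point it shows is that a geofence is applied as a hard constraint (fail closed) while load shedding only rescales weights.

```python
import hashlib
import ipaddress
LOW, HIGH = 0.70, 1.00  # weights shrink above LOW load and reach 0 at HIGH
# Constructed sample data: hypothetical endpoints on documentation ranges.
ENDPOINTS = [
    {"name": "fra", "ip": "192.0.2.10", "region": "EU", "up": True, "load": 0.95, "weight": 3},
    {"name": "ams", "ip": "192.0.2.20", "region": "EU", "up": True, "load": 0.40, "weight": 1},
    {"name": "dub", "ip": "192.0.2.30", "region": "EU", "up": False, "load": 0.10, "weight": 2},
    {"name": "nyc", "ip": "198.51.100.10", "region": "US", "up": True, "load": 0.20, "weight": 3},
]
GEO = {ipaddress.ip_network("203.0.113.0/24"): "EU"}  # constructed geo-IP stand-in
FENCED = {"EU"}  # clients in these regions only get in-region answers

def filter_up(cands, client_ip):
    return [e for e in cands if e["up"]]

def filter_geofence(cands, client_ip):
    # Hard constraint: a fenced client never sees an out-of-region endpoint.
    addr = ipaddress.ip_address(client_ip)
    region = next((r for net, r in GEO.items() if addr in net), None)
    return [e for e in cands if e["region"] == region] if region in FENCED else cands

def filter_shed(cands, client_ip):
    # Soft constraint: scale weight by headroom instead of removing the endpoint.
    scale = lambda e: max(0.0, min(1.0, (HIGH - e["load"]) / (HIGH - LOW)))
    out = [{**e, "weight": e["weight"] * scale(e)} for e in cands]
    if cands and not any(e["weight"] > 0 for e in out):
        return [min(cands, key=lambda e: e["load"])]  # all saturated: stay in fence
    return out

def select_sticky(cands, client_ip):
    # Client hash picks the point: same answer while candidates/weights hold.
    total = sum(e["weight"] for e in cands)
    if total <= 0:
        return None  # fail closed: no answer rather than an out-of-policy one
    h = int.from_bytes(hashlib.sha256(client_ip.encode()).digest()[:8], "big")
    point = h / 2**64 * total
    for e in cands:
        point -= e["weight"]
        if point < 0:
            return e
    return max(cands, key=lambda e: e["weight"])

def answer(client_ip, endpoints=ENDPOINTS):
    cands = endpoints
    for f in (filter_up, filter_geofence, filter_shed):
        cands = f(cands, client_ip)
    chosen = select_sticky(cands, client_ip)
    return chosen["ip"] if chosen else None
```

Filter order matters here: because the geofence runs before shedding, an overloaded region degrades to its least-loaded in-region endpoint instead of spilling fenced clients to another region.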
Old-school DNS and traffic management capabilities will not serve businesses that need to deliver Internet-scale performance and reliability for high-volume, mission-critical applications. Traditional DNS technologies are fractured and rudimentary, making the industry ripe for disruption in order to accommodate today’s demanding applications.
About the author:
Shannon Weyrick is the director of engineering for NS1 and has been working in Internet infrastructure since 1996, when he got started at an ISP in upstate New York. He’s been programming, however, since time immemorial, and loves it to this day. Shannon can find his way around any full backend stack, but he’s focused on software development, and has created or contributed to many open source projects throughout the years. Shannon previously worked at Internap and F5 Networks architecting and developing distributed platforms for a variety of infrastructure projects.