3

We're trying to make a decision between using our hosting company for DNS or using Amazon's Route 53.

One of the benefits touted by Amazon about Route 53 is that it uses Anycast, which means that their DNS servers are distributed throughout the globe, and when a DNS request needs to be resolved, the request will be sent to the closest server, which will reduce the amount of time the lookup takes.

My question is - doesn't the DNS cache of whatever DNS the user is using make this irrelevant? Don't all secondary DNS servers cache local copies of the DNS so that they don't need to forward the request to the primary DNS server? And isn't that information updated automatically (not when the user requests it) based on the SOA records "refresh" value?

I have a similar question about uptime. Let's say we choose our hosting company's DNS, and it goes down for a few hours. Won't secondary DNS servers just continue to serve the cached content for as long as the SOA's "expire" value is set to (1 week, in our case)?

EEAA
user82186
  • Your misconception is between _secondary DNS server_ and _caching DNS resolver_. Secondaries are your (your hosting company/amazon route 53) servers, and for those SOA values apply. DNS caches are _not_ secondaries and they have nothing to do with all SOA values - they deal with TTL of particular record. – Sandman4 May 30 '12 at 12:51

2 Answers

6

Benefits of anycast DNS versus unicast DNS

  • Lower overall latency
  • Distribution of load (usually not major, but one could conceivably end up with a lot of traffic)
    • Better DoS resistance
  • Transparent redundancy

It is true that this is made less useful overall with longer DNS cache times. It is also true that it doesn't absolve you of specifying more than one address for your servers. Ideally, those multiple addresses should be advertised by different AS numbers.

Remember that DNS caching only works if somebody requested the address before you did and that you request it again before it expires from the caching server.

Summary conclusion

Is it better than unicast? Yes, especially for the root DNS servers; they're mostly anycast addresses. Is it remarkably better enough to have an impact on your systems? For 99% of folks, no. The advantage comes from somebody else managing the server and keeping it alive.

Jeff Ferland
3

> And isn't that information updated automatically (not when the user requests it) based on the SOA records "refresh" value?

No. It's only updated when a) that secondary DNS server gets a DNS request for that domain and b) the local cache for that record has expired. If no one on my ISP requests Google.com for a while, it'll drop out of their cache entirely.

> Won't secondary DNS servers just continue to serve the cached content for as long as the SOA's "expire" value is set to (1 week, in our case)?

Some of those secondary servers are at 6 days, 23 hours, 59 minutes and 59 seconds when your DNS goes down.

ceejayoz
  • ceejayoz - for the sake of future readers, please, call secondary server **secondary**, and caching resolver **caching**. – Sandman4 May 30 '12 at 12:50
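The distinction drawn in the comments (a caching resolver is governed by each record's TTL and refetches only on demand, while a secondary polls on the SOA "refresh" schedule and serves its zone copy until "expire") can be simulated against the same outage window. This is an added example, not code from any poster in this thread; the class names, the 300 s TTL, the 1 h refresh and the outage times are constructed, and the model ignores SOA "retry" and negative caching.

```python
# Added illustration: constructed timings, simplified models (no SOA retry, no negative caching).
TTL, REFRESH, EXPIRE = 300, 3600, 604800   # TTL/refresh are assumed; expire = 1 week as in the question

def upstream_up(t, outage):
    """Upstream = authoritative servers for the resolver, the primary for the secondary."""
    start, end = outage
    return not (start <= t < end)

class CachingResolver:
    """Keeps one record for its TTL and refetches only when a client asks."""
    def __init__(self, ttl):
        self.ttl = ttl
        self.expires_at = None            # nothing cached yet

    def query(self, now, outage):
        if self.expires_at is not None and now < self.expires_at:
            return "cache-hit"
        if not upstream_up(now, outage):
            return "SERVFAIL"             # cache expired and nobody authoritative answers
        self.expires_at = now + self.ttl
        return "fetched"

class Secondary:
    """Holds a zone copy, polls every `refresh`, drops the zone `expire` seconds after last contact."""
    def __init__(self, refresh, expire):
        self.refresh, self.expire = refresh, expire
        self.last_ok = 0                  # initial zone transfer at t=0
        self.next_poll = refresh

    def query(self, now, outage):
        # Polls happen on schedule, whether or not any client queried in between.
        while self.next_poll <= now:
            if upstream_up(self.next_poll, outage):
                self.last_ok = self.next_poll
            self.next_poll += self.refresh
        return "answer" if now - self.last_ok < self.expire else "SERVFAIL"

def run(outage, times):
    resolver, secondary = CachingResolver(TTL), Secondary(REFRESH, EXPIRE)
    return [(t, resolver.query(t, outage), secondary.query(t, outage)) for t in times]

if __name__ == "__main__":
    # Three-hour outage starting at t=10000; the cache was filled 100 s earlier.
    for row in run((10000, 20800), [9900, 10100, 10300, 20900]):
        print(row)
```

With these timings the resolver's cached copy covers only the first 200 seconds of the outage, while the secondary keeps answering throughout because its last successful poll is well inside the expire window.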