On Feb 27, 2012, at 10:28 AM, William Herrin wrote:
> On Mon, Feb 27, 2012 at 9:39 AM, Jared Mauch <jared@puck.nether.net> wrote:
>> Is the DNS service authoritative or recursive? If auth, you can solve this a few ways, either by giving the DNS name people point to multiple AAAA (and A) records pointing at a diverse set of instances. DNS is designed to work around a host being down. Same goes for MX and several other services. While it may make the service slightly slower, it's certainly not the end of the world.
> Hi Jared,
>
> How DNS is designed to work and how it actually works are not the same. Look up "DNS Pinning" for example. For most kinds of DR you need IP level failover where the IP address is rerouted to the available site.
If you want a system with 0 loss and 0 delay, start building your private network. I never claimed your response would be perfect, but it will certainly work well enough to avoid major problems. Or you can pay someone to do it for you.

I'm not sure what a DNS hosted solution costs, and I'm geeky and run my own DNS on beta/RC quality software as well ;). What I do know is that my domain hasn't disappeared from the net wholesale as the name servers are "diverse-enough".

Is DNS performance important? Sure. Should everyone set their TTL to 30? No. Reaching a high percentage of the internet doesn't require such a high SLA. Note, I didn't say reaching the top sites. While super-old, http://www.zooknic.com/Domains/counts.html says > 111m named sites in a few gTLDs. I'm sure there are better stats, but most of them don't need the same DNS infrastructure that a Google, Bing, Facebook, etc. require. If your DNS fits on a VM in someone else's "cloud", you likely won't notice the difference. A few extra NS records will likely do the right thing and go unnoticed.

- Jared
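Added example, not part of the thread: a small Python simulation of the two client behaviours Jared and Bill are contrasting. A name with two A records at different sites is served to a client that walks the whole RRset and to a client that pins one address; the zone data, the addresses (documentation ranges) and the outage are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Optional

# Constructed data (documentation addresses, not real hosts): one name with two A
# records at two sites, and the set of hosts the simulated outage has taken down.
NAME = "www.example.net."
RECORDS: dict[str, list[str]] = {NAME: ["192.0.2.10", "198.51.100.10"]}
DOWN: set[str] = set()

def resolve(name: str) -> list[str]:
    """Stand-in resolver: hands back every address in the RRset, in zone order."""
    return list(RECORDS.get(name, []))

def connect(addr: str) -> bool:
    """Stand-in for a TCP connect attempt; a host in DOWN never answers."""
    return addr not in DOWN

def connect_try_all(name: str) -> Optional[str]:
    """Client that uses DNS the way Jared describes: walk the whole RRset and stop
    at the first host that answers, so one dead instance costs a timeout, not the
    service (RFC 1123 section 2.3 asks applications to try every address)."""
    for addr in resolve(name):
        if connect(addr):
            return addr
    return None

@dataclass
class PinnedClient:
    """Client with DNS pinning, the behaviour Bill's reply points at: it resolves
    once, keeps that single address until its pin expires, and ignores the other
    records and any later zone change. Extra A/AAAA records cannot help it, which
    is the argument for IP-level failover instead."""
    pin_ttl: int
    pinned: dict[str, tuple[str, int]] = field(default_factory=dict)

    def connect(self, name: str, now: int) -> Optional[str]:
        addr, expires = self.pinned.get(name, (None, -1))
        if addr is None or now >= expires:
            addr = resolve(name)[0]                 # pin the first answer only
            self.pinned[name] = (addr, now + self.pin_ttl)
        return addr if connect(addr) else None

if __name__ == "__main__":
    client = PinnedClient(pin_ttl=300)
    print("pinned at t=0 to", client.connect(NAME, 0))
    DOWN.add("192.0.2.10")                          # first site goes dark
    print("try-all client reaches", connect_try_all(NAME))
    print("pinned client at t=60 reaches", client.connect(NAME, 60))
```

Removing the dead record from the zone (the DNS-based DR move) fixes the try-all client immediately but leaves the pinned client failing until its pin expires, which is the gap Bill's objection describes.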