Getting Technical With Secondary And Multi-DNS

December 14, 2016 Brendan Mangus

In an era of unprecedented internet volatility, the role of DNS has become a core consideration for any internet performance-driven cloud strategy. And having just one DNS provider is not enough – enlisting a secondary DNS or multi-DNS configuration strategy helps the Enterprise ensure resiliency and protect revenue, manage and elevate the digital experience and enhance brand reputation.

There are several multi-DNS patterns that any CIO or SysAdmin may consider based on their team, requirements and assets.

Traditional Primary-Secondary Approach

In this DNS configuration the existing DNS implementation acts as the primary DNS service from a DNS records management perspective. Record updates are made to the primary and once configured the primary service updates the secondary services using the standard DNS NOTIFY mechanism and both services respond to queries. This approach is particularly easy to deploy and improves resiliency by using two DNS implementations.

01_primary-secondary

Hidden Master-Secondary Approach

This configuration entails the existing DNS solution being deployed behind the corporate firewall to act as the primary DNS service from a DNS records management perspective. Updates to records are made to the primary using established tools and practices and the primary service automatically updates the secondary service. Only the distributed edge of the secondary service takes traffic in this configuration.

This setup provides additional security because only supplementary DNS service is visible outside of the network.

02_hidden-master

Primary-Primary Approach

With a primary-primary option two primary DNS services are updated independently of each other. Records are synchronized manually with the API or with an external app and both services respond to queries.

This configuration allows admins to take advantage of advanced features as long as they are supported by both services. Records can be updated from either service and DNS records can be updated if one primary fails.

03_primary-primary

To learn more about which multi-DNS configuration is right for your business check out our whitepaper, a Technical Brief on Secondary/Multi-DNS Patterns.

Previous Article
How We Got Our Tattered IoT Insecurity Blanket
How We Got Our Tattered IoT Insecurity Blanket

This post previously appeared in Network World. How did the poor security that undermines the cloud, the In...

Next Article
Preparing For The Future Of The Internet
Preparing For The Future Of The Internet

The internet has changed our world in ways we never thought possible. With half the world’s population now ...