profile image
Lauren Malhoit

What Happens When DNS Goes Down?

DNS outages are inevitable. Using xDNS Redundancy will help you avoid losing revenue and build trust with your customers.

Sep 15th, 2022

DNS is one of those protocols which everyone relies upon and yet the least amount of people managing and maintaining it. DNS services are often an afterthought...until they go down. Using multi-provider DNS redundancy can save you the from losing revenue and trust from your customers.

Does it Really Ever Go Down?

The answer is a resounding YES!

There are several examples of these large outages, such as:

  • Dyn DNS outage of 2016
  • CloudFlare in 2020
  • Meta (Facebook/Instagram) in 2021

When a DNS service is no longer accessible, any company reliant on a single DNS provider will experience service outages. It's not a matter of if, but of when and when this happens, companies have no control over when these services might come back.

Each of the major outages noted above brought services revenue generating services to their knees for many companies and while the problem was DNS, the root cause of the problem was often either due to configuration errors (human error) or Denial of Service (DoS) attacks (human malice).

The Cost of DNS Outages

To discover the cost of a loss of DNS service, companies need to properly assess the business risk associated with relying on one provider, and compare that with the cost of a second source DNS service.

Looking at the odds and costs of outages, many enterprises are opting to bring in a second, or even a third, DNS service to hold copies of critical DNS master zones (Diagram 1). This system of external DNS redundancy boosts DNS availability by:

  • Removing the danger of exposure to a single point of DNS failure.
  • Reducing traditional primary-secondary DNS redundancy vulnerabilities, where secondary zones can’t be changed if the master becomes unavailable.
  • Improving infrastructure resilience by hosting critical zones with multiple providers
  • Easing migratory operations to more resilient services

Isn't DNS A Redundant Protocol Already?

DNS, when set up correctly, is highly redundant. No matter which vendor or provider you’re using, failover configurations are a best practice. These configurations are often setup in a “primary” and “secondary” DNS server model.

Cloud DNS services have become very popular in the last decade. While there are several out there, some of the most popular providers are:

  • Azure DNS
  • Amazon Route 53
  • Google Public DNS
  • Cloudflare
  • Akamai Edge DNS
  • NS1 DNS

Cloud DNS providers have not implemented DNS in a primary/secondary style model and as noted in the examples at the beginning of this whitepaper, outages have occurred and will likely occur again.

Hybrid DNS is a configuration option which may be setup manually. Hybrid DNS means that you’re hosting DNS zones in two or more locations. One option would be that you’re hosting a DNS zone on-premises for example with Windows DNS and you’re hosting that same zone in the cloud with Amazon Route 53.

Both services, in this case, are authoritative for your zone in these cases and are not capable of any sort of built-in replication or synchronization. This means that there is no simple way to ensure the DNS zone files are the same between the two services.

Why Is Everyone Still Reliant on a Single Vendor?

Looking at the breakdown above, we can see that a majority of Fortune 500 companies are reliant on a single vendor with over half relying on a cloud vendor and over a quarter of them relying on their own DNS implementations. This is explained by the operational complexity of having to support multiple zones with multiple providers. In fact, by doing a multicloud or hybrid DNS approach manually, you are likely risking downtime due to inconsistencies between the two providers.

What's the Solution?

Using an overlay solution which can provide built-in automated redundancy for your DNS zones will give you the best operational experience while ensuring you have the best uptime. Micetro's xDNS capability will give you that experience through the use of xDNS Profiles, which we'll dive deeper on in next week's blog.

If you'd like to find out more about how Micetro is the only DDI solution that can give you confidence that your domains will never go down, check out our whitepaper on xDNS. The whitepaper tells you why DNS redundancy is imperative, but goes deeper to show you how to set up Micetro for xDNS redundancy.  We also recently ran a webinar on how to use xDNS with PRTG monitoring it.