With the growth of the Internet, network services increasingly have high-availability requirements. As a result, operation of anycast services has grown in popularity among DNS network providers.
All Internet root nameservers are implemented as clusters of hosts using anycast addressing. All 13 root servers A-M exist in multiple locations, with 11 on multiple continents. The servers use anycast address announcements to provide a decentralized service. This has accelerated the deployment of physical (rather than logical) root servers outside the United States. RFC 3258 documents the use of anycast addressing to provide authoritative DNS services. Many commercial DNS providers have switched to an IP anycast environment to increase query performance and redundancy and to implement load balancing.
If you are still using a unicast DNS network provider, you are susceptible to network outages, DDoS attacks and poor latency, which affects the speed of all network services for your domain, including web, email and your VPNs.
In an anycast network, users will always connect to the 'closest' (from a routing protocol perspective) DNS server. This reduces latency and provides a level of load balancing.
Unicast DNS networks are old technology. For example, if someone in Australia is sending you an email, the sending email server has to get your DNS information (MX records, SPF, DKIM/DMARC) from your first name server (NS1), which then relays that information all the way back to Australia so the message can be sent. In an anycast network the email will be sent much more quickly, because the sending server gets the DNS information from the server located closest to Australia. The same applies to a user in Australia visiting your website or accessing your VPN. In addition, if your NS1 server is down (or too busy), the request moves on to your second name server, and so on. If all of your name servers are unavailable (e.g. during a DDoS attack), none will respond, resulting in no website, no email, no VPN, no servers!
Anycast improves reliability of a network-based service by the placement of multiple, geographically dispersed servers or clusters using the same IP address. In the event one server or server cluster fails, traffic is simply redirected to another node without having to change IP addresses.
Dynamic layer 3 routing of Anycast IP Addresses nicely load balances traffic over different nodes based on geography. If equal cost route paths are visible from one geography, all nodes can be used.
Traffic destined for an Anycast node will be routed to the topologically “nearest” node, thus reducing latency between the client and the node. This ensures that client traffic uses a server cluster closest to them wherever they are globally.
Geographically dispersed server clusters that share the same publicly announced IP address naturally attract attack traffic to the nearest cluster, sinking it closer to its origin. This significantly improves capacity and also masks the true location of any “real server” proxied by, and hidden behind, the Anycast address.
In the event that an Anycast node becomes unavailable, traffic can simply shift to an alternate node as soon as the routes are withdrawn from the routing table without the need for the client to communicate with a new IP address. With proper back-end route configurations, tunnels and connection state management, there is no degradation of service even while waiting for routes to be withdrawn.
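Because every node answers on the same address, an operator checking latency or failover needs a way to tell which node actually replied. One common way is the RFC 4892 `id.server` CH TXT query. The code below is an added example, not from the original page: it builds that query in wire format and parses a reply. The node names and the `sample_response` helper are constructed for illustration, and whether a given provider answers identity queries is an assumption.

```python
import struct

TYPE_TXT, CLASS_CH = 16, 3  # TXT record type, CHAOS class

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    labels = name.strip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_id_query(txid, qname="id.server"):
    """Build the wire-format query '<qname> CH TXT' (RFC 4892 server identity)."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # one question, no flags
    return header + encode_name(qname) + struct.pack("!HH", TYPE_TXT, CLASS_CH)

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while msg[off] & 0xC0 != 0xC0:      # 0xC0 marks a 2-byte compression pointer
        if msg[off] == 0:
            return off + 1
        off += 1 + msg[off]
    return off + 2

def parse_id_response(msg, txid):
    """Return the TXT strings from CH TXT answers: the responding node's identity."""
    rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if rid != txid or not flags & 0x8000 or flags & 0x000F:
        raise ValueError("mismatched ID, not a response, or non-zero RCODE")
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4   # skip QTYPE and QCLASS
    ids = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        pos = 0
        while (rtype, rclass) == (TYPE_TXT, CLASS_CH) and pos < len(rdata):
            n = rdata[pos]              # each TXT string is length-prefixed
            ids.append(rdata[pos + 1:pos + 1 + n].decode("ascii", "replace"))
            pos += 1 + n
    return ids

def sample_response(txid, node_id):
    """Constructed reply from a hypothetical anycast node (not captured traffic)."""
    txt = bytes([len(node_id)]) + node_id.encode("ascii")
    header = struct.pack("!HHHHHH", txid, 0x8400, 1, 1, 0, 0)  # QR+AA, 1 answer
    rr = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_TXT, CLASS_CH, 0, len(txt)) + txt
    return header + build_id_query(txid)[12:] + rr
```

Sending the bytes from `build_id_query` over UDP port 53 to the anycast address from two vantage points, and comparing the parsed identities, shows whether each vantage point reaches a different node and whether traffic moved after a route withdrawal.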
Instead of having 1 to 3 (or even 5) name servers, IP Anycast can have dozens of name servers. It is not uncommon to have 50+ name servers in an anycast DNS configuration. For example, Route 53, Amazon's DNS service, has 48 at the time of this writing.
Implementing DNS Anycast is very cost effective. Clustered Networks works with a number of the top Anycast DNS providers. You choose, and we will help you migrate your network to one that will fit your budget.
Clustered Networks has assisted a number of web design and hosting companies in migrating their Unicast DNS hosting to a faster and more stable Anycast DNS environment with ZERO downtime. This enables their customers to enjoy faster DNS, website and email performance, as well as protection from DDoS attacks.
To learn more, simply send us an email or give us a call at 780-220-7662.
Located in Edmonton, AB, Canada, Clustered Networks was incorporated in 2001 and has offered Network / Internet and IT Consulting services for over 15 years. We offer personalized service!