DNS Reliability vs. Downtime
Lauren Mitchell | January 18th, 2021
Digital presence and services are becoming more integral to business and society, so when an essential website (let alone many websites) has unexpected and prolonged downtime, it becomes newsworthy. There are few scenarios in which a large portion of the internet can become inaccessible; one is when a Domain Name System (DNS) service provider that many websites rely on becomes crippled.
A Case Study
Tim Greene writes about one significant instance on October 21, 2016, when most sites became unavailable to users. The cause was that one of the few DNS services, Oracle (formerly Dyn), was made inaccessible by a distributed denial-of-service (DDoS) attack. So, while the sites were active, users could not reach them without knowing their internet protocol (IP) addresses. The result was the same as if the sites themselves were down (Greene, 2016).
Domain Name System
DNS is a crucial part of making the internet accessible to the masses. It allows users to type in alphabetical characters (www.awh.net) instead of the actual numerical (version 4) or alphanumeric (version 6) IP address to access the site. You can set up DNS resolution either by hosting your own DNS server or by using a third-party service, which will then make your site accessible.
DNS Redundancy and Health Checks
The first step is to set up redundancy by running a combination of self-hosted DNS servers or using multiple DNS service providers that do not depend on each other to function. Researching DNS providers is essential, since some are just middlemen and customers of other providers; if you don’t do your research, you risk ending up using the same DNS server twice (Gibson).
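The independence check described above can be automated once you have the nameserver (NS) hostnames for a zone and the addresses they resolve to. The following is an added example, not code from the original article: the hostnames and addresses are constructed sample data, and grouping by the last two hostname labels and by a shared /24 (IPv4) or /48 (IPv6) prefix is an assumed heuristic, not a definitive test of who operates a server.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: NS hostnames for a hypothetical zone and the
# addresses they resolve to (documentation ranges, not real servers).
SAMPLE_NS = {
    "ns1.provider-a.example": ["192.0.2.10"],
    "ns2.provider-a.example": ["192.0.2.11"],
    "ns1.reseller-b.example": ["192.0.2.12"],   # middleman on provider A's network
    "ns1.provider-c.example": ["198.51.100.53"],
}

def operator_domain(hostname, labels=2):
    """Assumed heuristic: the last `labels` labels identify the operator."""
    return ".".join(hostname.rstrip(".").lower().split(".")[-labels:])

def network_of(addr, v4_prefix=24, v6_prefix=48):
    """Network prefix used as a rough stand-in for shared infrastructure."""
    ip = ipaddress.ip_address(addr)
    prefix = v4_prefix if ip.version == 4 else v6_prefix
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def independent_groups(ns_map):
    """Merge nameservers that share an operator domain or a network prefix.
    Each returned list is one failure domain."""
    parent = {ns: ns for ns in ns_map}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    seen = {}  # grouping key -> first nameserver that produced it
    for ns, addrs in ns_map.items():
        keys = [("name", operator_domain(ns))]
        keys += [("net", network_of(a)) for a in addrs]
        for key in keys:
            if key in seen:
                parent[find(ns)] = find(seen[key])
            else:
                seen[key] = ns
    groups = defaultdict(set)
    for ns in ns_map:
        groups[find(ns)].add(ns)
    return sorted(sorted(g) for g in groups.values())

def audit(ns_map):
    """Redundant only if at least two independent failure domains remain."""
    groups = independent_groups(ns_map)
    return {"groups": groups, "redundant": len(groups) >= 2}
```

In the sample data the reseller's nameserver is merged with provider A because it sits in the same prefix, so the zone has two failure domains rather than the three its hostnames suggest.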
Some service providers, such as AWS, offer a service that saves logs, checks that the DNS server is performing correctly, and allows a contingency to be set up for unexpected failures. For AWS, the feature is called Amazon Route 53; it provides health checks and lets customers dictate how they want DNS failures handled in AWS’s ecosystem.
It is much easier to use a single company like AWS for both website hosting and DNS resolution, but the trade-off is that if AWS ever goes down, your web presence will be gone until AWS recovers. Using multiple companies that are independent of each other means more work to ensure that your setup and deployment process is compatible with both companies’ interfaces, but the odds of downtime decrease.
References
Boone, Joseph. (2020, July 18). How To Set Up Website DNS Configuration Settings. HELPDESKGEEK. Retrieved from https://helpdeskgeek.com/how-to/how-to-set-up-website-dns-configuration-settings/
Google Cloud. DNS best practices. https://cloud.google.com/dns/docs/best-practices
Kashaf, A., Sekar, V., & Agarwal, Y. Analyzing Third Party Service Dependencies in Modern Web Services: Have We Learned from the Mirai-Dyn Incident? https://dl.acm.org/doi/pdf/10.1145/3419394.3423664
Wikipedia. IP address. https://en.wikipedia.org/wiki/IP_address
Greene, Tim. (2016, October 21). How the Dyn DDoS attack unfolded. NETWORKWORLD. Retrieved from https://www.networkworld.com/article/3134057/how-the-dyn-ddos-attack-unfolded.html
Cloudflare. What is DNS? https://www.cloudflare.com/learning/dns/what-is-dns/
Gibson, Steve. Security Now! #795 – 12-01-20 DNS Consolidation. https://www.grc.com/sn/SN-795-Notes.pdf