State of the Cloud DNS Report

Size: px
Start display at page:

Download "State of the Cloud DNS Report"

Transcription

1 transparency for the cloud State of the Cloud DNS Report Basic Edition April

2 Table of Contents Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare 8 Technology Used 10 DNS Performance Analysis Performance Analysis Overview 22 Service Availability 22 Synthetic Performance 23 Real User Performance 26 RIPE Atlas Performance - Synthetic 29 DNS Features Health Checks - Failover 12 Health Checks - Load Balancing 12 Location Based Routing (Geo IP) 13 Zone Based Routing (Anycast) 13 DNSSEC 14 Primary/Secondary DNS Support 15 Pricing DNS Query Volume Pricing 17 Feature Pricing 18 DNS Networks Akamai DNS 38 Amazon Route CloudFlare DNS 40 DNS Made Easy 41 Dyn DNS 42 Easy DNS 43 EdgeCast DNS 44 NSONE DNS 45 UltraDNS 46 Verisign DNS 47 DNS Propagation Latency 20 2 State of the Cloud DNS Report 2015 Inc. Table of Contents

3 Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare 8 Technology Used 10 3 State of the Cloud DNS Report 2015 Inc.

4 Introduction The Domain Name System (DNS) is the method by which hostnames such as " are translated into addresses used by computers to communicate; DNS is fundamental to operation of the Internet. If an domain loses DNS functionality, hostnames will be inaccessible for users - even if servers are functioning. Additionally, DNS can be a security threat if hacked and hostnames redirected to unauthorized servers that may in turn capture sensitive user information. Because of the mission critical nature of DNS, many organizations elect to outsource DNS hosting to specialized vendors that provide better availability, security, and performance. Anycast vs. Unicast DNS At the network level, there are 2 methods for hosting DNS servers: Unicast and IP Anycast. Unicast DNS Unicast DNS sends users to fixed DNS servers regardless of where the user is located. If DNS servers are located in the United States, a user in Australia will experience slower DNS response than a US based user. Additionally, if a DNS server is down, DNS queries may fail entirely. Anycast DNS IP Anycast DNS provides network optimizations wherein DNS queries are directed to the closest server, thus providing more consistent and faster response. IP Anycast DNS also provides redundancy and failover. If a DNS server goes down down, IP Anycast can automatically re-route users to other functioning servers. 4 State of the Cloud DNS Report 2015 Inc. Overview

5 Providers Included 5 State of the Cloud DNS Report 2015 Inc. Overview

6 Provider Marketshare To track marketshare, we track name servers for Alexa top 10,000 and Fortune 500 websites monthly. The tables below provide marketshare statistics for DNS providers based on this tracking. To determine provider affiliation we use hostname, IP and ASN matching for primary and secondary hostnames. Marketshare changes may be attributed to changes in the makeup of the lists (monthly for Alexa, annual for Fortune 500) or actual provider changes. This content is available in the Premium Edition available at 8 State of the Cloud DNS Report 2015 Inc. Overview

7 Provider Marketshare Top 20 Provider Changes This content is available in the Premium Edition available at 9 State of the Cloud DNS Report 2015 Inc. Overview

8 Technology Used DNS Software DNS server software listens for and responds to DNS queries. DNS providers may utilize open source or proprietary software. Open source software has the advantage of established reliability and community support, while proprietary software may provide more flexibility and a point of distinction for vendors. Geo IP Database To implement Location Based Routing providers license Geo IP databases from one of three possible vendors: MaxMind, Neustar or Digital Envoy. In the case of MaxMind, providers often add some customization to the database to improve accuracy. The table below lists Geo IP databases used by each provider if known. Provider Software Type Provider Database Akamai DNS Proprietary Akamai DNS Unknown DNS Made Easy Proprietary (Elite Resolution Platform) DNS Made Easy NA Dyn DNS Bind Dyn DNS MaxMind 1 Easy DNS Bind Easy DNS NA EdgeCast DNS Unknown EdgeCast DNS Unknown NSONE DNS Proprietary NSONE DNS MaxMind 1 Amazon Route 53 djbdns Amazon Route 53 Unknown UltraDNS Proprietary UltraDNS Neustar IP Intelligence Verisign DNS Proprietary (Atlas) Verisign DNS Digital Envoy 1. Customized for improved accuracy 10 State of the Cloud DNS Report 2015 Inc. Overview

9 DNS Features Health Checks - Failover 12 Health Checks - Load Balancing 12 Location Based Routing (Geo IP) 13 Zone Based Routing (Anycast) 13 DNSSEC 14 Primary/Secondary DNS Support State State of the Cloud DNS Report 2015 Inc.

10 Health Checks Failover Health Checks Load Balancing DNS Failover resolves hostnames based on availability of target hosts. If the primary host becomes unavailable, DNS records update automatically to respond using a secondary host. When the primary host is restored, DNS records automatically revert. Like DNS Failover, DNS Load Balancing monitors availability of DNS hosts. However, with Load Balancing all hosts are considered primary. If a host fails, it is removed from the list of possible DNS responses. Provider Failover Provider Failover Akamai DNS Akamai DNS DNS Made Easy DNS Made Easy Dyn DNS Dyn DNS Easy DNS Easy DNS EdgeCast DNS EdgeCast DNS NSONE DNS NSONE DNS Amazon Route 53 Amazon Route 53 UltraDNS UltraDNS Verisign DNS Verisign DNS 12 State of the Cloud DNS Report 2015 Inc. DNS Features

11 Location Routing (Geo IP) Zone Routing (IP Anycast) Location Based DNS takes into account resolver (or user with EDNS support) location (using a Geo IP database) when responding to DNS queries. Common use case for this feature is routing users to nearby hosts for improved response times. Anycast Zone Based DNS is similar in purpose to Location Based DNS, minus use of Geo IP. Instead, responses may be different depending on the location of the DNS POP receiving the query. Provider Akamai DNS DNS Made Easy Dyn DNS Easy DNS EdgeCast DNS NSONE DNS Amazon Route 53 UltraDNS Verisign DNS Geo IP Provider Akamai DNS DNS Made Easy Dyn DNS Easy DNS EdgeCast DNS NSONE DNS Amazon Route 53 UltraDNS Verisign DNS Geo IP 13 State of the Cloud DNS Report 2015 Inc. DNS Features

12 DNSSEC DNSSEC (Domain Name System Security Extensions) is a specification for securing DNS information - DNSSEC was designed to protect clients from forged DNS responses. All responses in DNSSEC are digitally signed; by checking the digital signature, a DNS client is able to verify the information is exactly the same as the information from the authoritative DNS server. Provider Provider Managed User Managed Akamai DNS DNS Made Easy Dyn DNS Easy DNS EdgeCast DNS NSONE DNS Amazon Route 53 UltraDNS Verisign DNS Provider or User Managed DNSSEC Manual generation and management of necessary DNSSEC certificates and digital signatures can be very complex and cumbersome. Some providers simplify this by automating these tasks within their management interface. 14 State of the Cloud DNS Report 2015 Inc. DNS Features

13 Primary/Secondary DNS Support BIND DNS software provides an industry standard method for sharing DNS records between servers. This protocol utilizes a primary server to manage a DNS zone, and secondary, read-only servers capable of responding to DNS queries. Secondary servers synchronize to the master using zone transfer requests. BIND defines two synchronization methods: AXFR: transfer the entire DNS zone configuration IXFR: transfer incremental changes The following tables lists support by each service these BIND synchronization protocols: When Service is Primary Provider AXFR IXFR NOTIFY TSIG Akamai DNS DNS Made Easy Dyn DNS Easy DNS EdgeCast DNS NSONE DNS Amazon Route 53 UltraDNS Verisign DNS 1. Supported when secondary is within the zone BIND also defines two methods secondary servers use to determine when DNS zone changes have been made: Polling: Secondary servers periodically query the master server for changes NOTIFY: The master server notifies secondary servers when changes are made DNS transfers between primary and secondary servers may be secured using Transaction SIGnature (TSIG) keys supported by some services. When Service is Secondary Provider AXFR IXFR NOTIFY TSIG Akamai DNS DNS Made Easy Dyn DNS Easy DNS EdgeCast DNS NSONE DNS Amazon Route 53 UltraDNS Verisign DNS 15 State of the Cloud DNS Report 2015 Inc. DNS Features

14 Pricing DNS Query Volume Pricing 17 Feature Pricing State of the Cloud DNS Report 2015 Inc.

15 Pricing Some providers have public pricing and self sign-up, while others require sales contract negotiation. For the latter, pricing may vary depending on usage commitment, negotiation capabilities, and other extraneous factors. The pricing matrix below provides a breakdown of estimated costs at various usage commitments for each provider. To collect this information, we have independently researched and contacted vendors not disclosing pricing publicly. DNS Query Pricing Pricing Per Month This content is available in the Premium Edition available at 17 State of the Cloud DNS Report 2015 Inc. Pricing

16 Advanced Feature Pricing Providers structure and price add-on features differently. The matrix below is an attempt to list comparable add-on pricing for each provider and feature. Pricing Per Month This content is available in the Premium Edition available at 18 State of the Cloud DNS Report 2015 Inc. Pricing

17 DNS Propagation Latency DNS Propagation Latency State of the Cloud DNS Report 2015 Inc.

18 DNS Propagation Latency DNS propagation latency is the amount of time from submission of a DNS record change until that change is visible across a providers entire DNS network. Analysis is provided for both primary and secondary DNS hosting. The latency metric is the median of measurements from approximately 200 globally distributed test servers. Primary Zone This content is available in the Premium Edition available at Secondary Zone 20 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

19 DNS Performance Analysis Performance Analysis Overview 22 Service Availability 22 Synthetic Performance 23 Real User Performance 26 RIPE Atlas Performance State of the Cloud DNS Report 2015 Inc.

20 Performance Analysis Overview Service Availability The following table lists service availability for the past 30 days. This analysis is based on monitoring of name servers using geographically disperse monitoring servers. A minimum of 3 nodes are used in each geographical region. If at least 1 name server is reachable and responds to a DNS query the service is considered available. Outages are triggered if all 3 monitoring servers are simultaneously unable to connect to all name servers. We use an external monitoring service, Panopta, to monitor availability Service Global US West US Central US East Europe Asia Oceania Africa Akamai DNS 100% 100% 100% 100% 100% 100% 100% 100% Amazon Route % 100% 100% 100% 100% 100% 100% 100% CloudFlare DNS 100% 100% 100% 100% 100% 100% 100% 100% DNS Made Easy 100% 100% 100% 100% 100% 100% 100% 100% Dyn 100% 100% 100% 100% 100% 100% 100% 100% Easy DNS 100% 100% 100% 100% 100% 100% 100% 100% NSONE 100% 100% 100% 100% 100% 100% 100% 100% UltraDNS 100% 100% 100% 100% 100% 100% 100% 100% Verisign DNS 100% 100% 100% 100% 100% 100% 100% 100% 22 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

21 Synthetic Performance We monitor synthetic DNS response times using a combination of dig (a DNS utility) and our network of 180 global monitoring nodes. The purpose of this is to measure the amount of time it takes for provider DNS servers to respond to queries from these nodes. These measurements are taken every 5 minutes from each monitoring node. During each test interval, multiple measurements are taken and the median, mean, min, max and standard deviation metrics are captured. The response times used in the graphs below are derived from the median values and aggregated into multiple geographic regions. North America 23 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

22 Synthetic DNS Response Time continued Europe 24 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

23 Synthetic DNS Response Time continued Asia 25 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

24 Real User Performance To analyze real user DNS response times, we host a browser based test at This test, uses a custom domain delegated to each DNS service and configured with a wildcard Name (A) record. The test alternates downloading an 8 byte file using both cached and uncached hostnames. DNS response time is used for this analysis is the difference between these two measurements across multiple test iterations. North America This content is available in the Premium Edition available at 26 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

25 Real User Performance continued Europe Ths content is available in the Premium Edition available at 27 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

26 Real User Performance continued Asia Ths content is available in the Premium Edition available at 28 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

27 RIPE Atlas Performance RIPE Atlas is a global network consisting of approximately 6534 public test probes capable of measuring connectivity to Internet endpoints on demand (view network map). Most RIPE Atlas probes are located on the Internet last mile, thus providing analysis that is more user-centric compared to testing from data centers. Users hosting RIPE Atlas probes receive credit to take measurements from other probes. We host 2 such probes and use credits to measure latency and recursive DNS performance for cloud services. North America This content is available in the Premium Edition available at 29 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

28 RIPE Atlas Performance continued Europe Ths content is available in the Premium Edition available at 30 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

29 RIPE Atlas Performance continued Asia Ths content is available in the Premium Edition available at 31 State of the Cloud DNS Report 2015 Inc. DNS Performance Analysis

State of the Cloud DNS Report

State of the Cloud DNS Report transparency for the cloud State of the Cloud DNS Report Basic Edition August 2015 2015 Table of Contents Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare

More information

State of the Cloud DNS Report. Basic Edition July 2014

State of the Cloud DNS Report. Basic Edition July 2014 State of the Cloud DNS Report Basic Edition July 2014 2014 Table of Contents Overview Introduction... 3 Anycast vs. Unicast DNS... 3 Provider Overview & Current News... 4 Provider Market Share...7 Technology

More information

State of the Cloud DNS Report. Basic Edition April 2014

State of the Cloud DNS Report. Basic Edition April 2014 State of the Cloud DNS Report Basic Edition April 2014 2014 Table of Contents Overview Introduction... 3 Anycast vs. Unicast DNS... 3 Provider Overview & Current News... 4 Provider Market Share...7 Technology

More information

BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE

BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE Your external DNS is a mission critical business resource. Without

More information

THE MASTER LIST OF DNS TERMINOLOGY. First Edition

THE MASTER LIST OF DNS TERMINOLOGY. First Edition THE MASTER LIST OF DNS TERMINOLOGY First Edition DNS can be hard to understand and if you re unfamiliar with the terminology, learning more about DNS can seem as daunting as learning a new language. To

More information

THE MASTER LIST OF DNS TERMINOLOGY. v 2.0

THE MASTER LIST OF DNS TERMINOLOGY. v 2.0 THE MASTER LIST OF DNS TERMINOLOGY v 2.0 DNS can be hard to understand and if you re unfamiliar with the terminology, learning more about DNS can seem as daunting as learning a new language. To help people

More information

State of the Cloud DNS Report

State of the Cloud DNS Report State of the Cloud DNS Report July 2012 Table of Contents Click on any title in the contents table to link directly to that page. Overview Introduction... 3 Anycast vs. Unicast DNS... 3 Provider Overview

More information

USING TRANSACTION SIGNATURES (TSIG) FOR SECURE DNS SERVER COMMUNICATION

USING TRANSACTION SIGNATURES (TSIG) FOR SECURE DNS SERVER COMMUNICATION USING TRANSACTION SIGNATURES (TSIG) FOR SECURE DNS SERVER COMMUNICATION Transaction Signatures (TSIG) provide a secure method for communicating in the Domain Name System (DNS) from a primary to a secondary

More information

The Domain Name System (DNS) A Brief Overview and Management Guide

The Domain Name System (DNS) A Brief Overview and Management Guide The Domain Name System (DNS) A Brief Overview and Management Guide Table of Contents Introduction 1 What Exactly Is DNS? 2 Potential Pitfalls of DNS 4 DNS Management and 5 Zone Hosting DNS Management 6

More information

Global Server Load Balancing

Global Server Load Balancing White Paper Overview Many enterprises attempt to scale Web and network capacity by deploying additional servers and increased infrastructure at a single location, but centralized architectures are subject

More information

Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS

Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS White paper Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS June 2001 Response in Global Environment Simply by connecting to the Internet, local businesses transform themselves

More information

FortiBalancer: Global Server Load Balancing WHITE PAPER

FortiBalancer: Global Server Load Balancing WHITE PAPER FortiBalancer: Global Server Load Balancing WHITE PAPER FORTINET FortiBalancer: Global Server Load Balancing PAGE 2 Introduction Scalability, high availability and performance are critical to the success

More information

Use Domain Name System and IP Version 6

Use Domain Name System and IP Version 6 Use Domain Name System and IP Version 6 What You Will Learn The introduction of IP Version 6 (IPv6) into an enterprise environment requires some changes both in the provisioned Domain Name System (DNS)

More information

ANATOMY OF A DDoS ATTACK AGAINST THE DNS INFRASTRUCTURE

ANATOMY OF A DDoS ATTACK AGAINST THE DNS INFRASTRUCTURE ANATOMY OF A DDoS ATTACK AGAINST THE DNS INFRASTRUCTURE ANATOMY OF A DDOS ATTACK AGAINST THE DNS INFRASTRUCTURE The Domain Name System (DNS) is part of the functional infrastructure of the Internet and

More information

Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure

Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure iseries DNS iseries DNS Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule

More information

STATE OF DNS AVAILABILITY REPORT

STATE OF DNS AVAILABILITY REPORT STATE OF DNS AVAILABILITY REPORT VOLUME 1 ISSUE 1 APRIL 2011 WEB SITES AND OTHER ONLINE SERVICES ARE AMONG THE MOST IMPORTANT OPERATIONAL AND REVENUE GENERATING TOOLS FOR BUSINESSES OF ALL SIZES AND INDUSTRIES.

More information

Traffic Controller Service. UltraDNS Whitepaper

Traffic Controller Service. UltraDNS Whitepaper Traffic Controller Service UltraDNS Whitepaper Table of Contents Global load balancing challenges... 3 Overview... 4 Architecture... 5 Dynamic monitoring system... 6 Traffic Controller techniques... 7

More information

Monitoring Techniques for Cisco Network Registrar

Monitoring Techniques for Cisco Network Registrar White Paper Monitoring Techniques for Cisco Network Registrar White Paper 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 14 Introduction...

More information

The OpenDNS Global Network Delivers a Secure Connection Every Time. Everywhere.

The OpenDNS Global Network Delivers a Secure Connection Every Time. Everywhere. The OpenDNS Global Network Delivers a Secure Connection Every Time. Everywhere. Network Performance Users devices create multiple simultaneous connections each time we exchange data with other Internet

More information

Understanding DNS (the Domain Name System)

Understanding DNS (the Domain Name System) Understanding DNS (the Domain Name System) A white paper by Incognito Software January, 2007 2007 Incognito Software Inc. All rights reserved. Understanding DNS (the Domain Name System) Introduction...2

More information

The Canadian Internet Registration Authority (CIRA) manages a 100% up time service - the.ca domain name registry for over 2.

The Canadian Internet Registration Authority (CIRA) manages a 100% up time service - the.ca domain name registry for over 2. WHO IS.CA ( CIRA )? The organization responsible for a critical part of the Internet infrastructure; expanding its services to help organizations secure their DNS in Canada The Canadian Internet Registration

More information

Why Managed DNS Services

Why Managed DNS Services Why Managed DNS Services and Why Now? Jennifer M. Pigg, VP of Research, Yankee Group Rohit Kinra, Senior Manager, VeriSign June 23, 2011 Copyright 2011. Yankee Group Research, Inc. All rights reserved.

More information

Combining Global Load Balancing and Geo-location with Emissary TM

Combining Global Load Balancing and Geo-location with Emissary TM Combining Global Load Balancing and Geo-location with Emissary TM A New Kind of Global Internet Traffic Management Appliance from Coyote Point Systems and Digital Envoy Establishing a Geo-Sensitive, Highly

More information

The secret life of a DNS query. Igor Sviridov <sia@nest.org> 20120522

The secret life of a DNS query. Igor Sviridov <sia@nest.org> 20120522 The secret life of a DNS query Igor Sviridov 20120522 Preface Nowadays, when we type URL (or is it a search string? ;-) into a browser (or mobile device) many things happen. While most of

More information

Citrix NetScaler Global Server Load Balancing Primer:

Citrix NetScaler Global Server Load Balancing Primer: Citrix NetScaler Global Server Load Balancing Primer: Theory and Implementation www.citrix.com Background...3 DNS Overview...3 How DNS level GSLB works...4 Basic NetScaler GSLB Configuration...8 Accepting

More information

Array Networks NetContinuum. Netli. Fine Ground. StrangeLoop. Akamai. Barracuda. Aptimize. Inkra. Nortel. Juniper. Cisco. Brocade/Foundry.

Array Networks NetContinuum. Netli. Fine Ground. StrangeLoop. Akamai. Barracuda. Aptimize. Inkra. Nortel. Juniper. Cisco. Brocade/Foundry. Array Networks NetContinuum Netli Barracuda StrangeLoop Inkra Fine Ground Aptimize Akamai Cisco Citrix Juniper Zeus Radware Nortel ActivNetworks Brocade/Foundry Swan Labs A10 Redline Coyote Point Crescendo

More information

Global Server Load Balancing

Global Server Load Balancing White Paper Global Server Load Balancing APV Series Application Delivery Controllers May 2011 Global Server Load Balancing Access. Security. Delivery. Introduction Scalability, high availability and performance

More information

Networking Domain Name System

Networking Domain Name System System i Networking Domain Name System Version 5 Release 4 System i Networking Domain Name System Version 5 Release 4 Note Before using this information and the product it supports, read the information

More information

Products, Features & Services

Products, Features & Services Products, Features & Services PowerDNS PowerDNS, founded in the late 1990s, is a premier supplier of DNS software, services and support. Deployed throughout the world with some of the most demanding users

More information

A Link Load Balancing Solution for Multi-Homed Networks

A Link Load Balancing Solution for Multi-Homed Networks A Link Load Balancing Solution for Multi-Homed Networks Overview An increasing number of enterprises are using the Internet for delivering mission-critical content and applications. By maintaining only

More information

Domain Name System Procedures

Domain Name System Procedures Domain Name System Procedures Area: Technology Policy No.: Subject: Domain Name System Issued: 9/23/2013 Applies To: University Revised: N/A Sources: Vice President for Information Technology Services

More information

DNS Architecture Case Study: Resiliency and Disaster Recovery

DNS Architecture Case Study: Resiliency and Disaster Recovery DNS Architecture Case Study: Resiliency and Disaster Recovery Cricket Liu VP, Architecture Infoblox Company Background Large U.S.-based company, Company Co. (company.com) Three categories of sites Headquarters

More information

The Survey Report on DNS Cache & Recursive Service in China Mainland

The Survey Report on DNS Cache & Recursive Service in China Mainland The Survey Report on DNS Cache & Recursive Service in China Mainland Wei WANG, Chinese Academy of Sciences Zhiwei YAN, China Internet Network Information Center Motivation Improve the traditional recursive

More information

IPv6 support in the DNS

IPv6 support in the DNS IPv6 support in the DNS How important is the DNS? Getting the IP address of the remote endpoint is necessary for every communication between TCP/IP applications Humans are unable to memorize millions of

More information

Chapter 25 Domain Name System. 25.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Chapter 25 Domain Name System. 25.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 25 Domain Name System 25.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 25.2 Figure 25.1 Example of using the DNS service 25-1 NAME SPACE To be unambiguous,

More information

OVERVIEW OF THE DNS AND GLOSSARY OF TERMS

OVERVIEW OF THE DNS AND GLOSSARY OF TERMS OVERVIEW OF THE DNS AND GLOSSARY OF TERMS OVERVIEW OF THE DNS AND GLOSSARY OF TERMS The DNS is a technology that most IT managers don t think much about; it works well and usually does not require much

More information

Where is Hong Kong in the secure Internet infrastructure development. Warren Kwok, CISSP Internet Society Hong Kong 12 August 2011

Where is Hong Kong in the secure Internet infrastructure development. Warren Kwok, CISSP Internet Society Hong Kong 12 August 2011 The Internet is for Everyone. Become an ISOC Member. Cyber Security Symposium 2011 Where is Hong Kong in the secure Internet infrastructure development Warren Kwok, CISSP Internet Society Hong Kong 12

More information

Request for Comments: 1788 Category: Experimental April 1995

Request for Comments: 1788 Category: Experimental April 1995 Network Working Group W. Simpson Request for Comments: 1788 Daydreamer Category: Experimental April 1995 Status of this Memo ICMP Domain Name Messages This document defines an Experimental Protocol for

More information

OVERVIEW OF THE DNS AND GLOSSARY OF TERMS

OVERVIEW OF THE DNS AND GLOSSARY OF TERMS PROTECT YOUR BUSINESS D-Zone Anycast DNS Service OVERVIEW OF THE DNS AND GLOSSARY OF TERMS 1 PROTECT YOUR BUSINESS OVERVIEW OF THE DNS AND GLOSSARY OF TERMS The DNS is a technology that most IT managers

More information

Deploying IP Anycast. Core DNS Services for University of Minnesota Introduction and General discussion

Deploying IP Anycast. Core DNS Services for University of Minnesota Introduction and General discussion Deploying IP Anycast Core DNS Services for University of Minnesota Introduction and General discussion Agenda Deploying IPv4 anycast DNS What is ANYCAST Why is ANYCAST important? Monitoring and using ANYCAST

More information

The Importance of a Resilient DNS and DHCP Infrastructure

The Importance of a Resilient DNS and DHCP Infrastructure White Paper The Importance of a Resilient DNS and DHCP Infrastructure DNS and DHCP availability and integrity increase in importance with the business dependence on IT systems The Importance of DNS and

More information

Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost.

Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost. Break Internet Bandwidth Limits Higher Speed. Extreme Reliability. Reduced Cost. Peplink. All Rights Reserved. Unauthorized Reproduction Prohibited Presentation Agenda Peplink Balance Pepwave MAX Features

More information

WAN Traffic Management with PowerLink Pro100

WAN Traffic Management with PowerLink Pro100 Whitepaper WAN Traffic Management with PowerLink Pro100 Overview In today s Internet marketplace, optimizing online presence is crucial for business success. Wan/ISP link failover and traffic management

More information

Akamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013

Akamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013 Akamai CDN, IPv6 and DNS security Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013 Agenda Akamai Introduction Who s Akamai? Intelligent Platform & Traffic Snapshot Basic Technology Akamai

More information

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure Question Number (ID) : 1 (jaamsp_mngnwi-025) Lisa would like to configure five of her 15 Web servers, which are running Microsoft Windows Server 2003, Web Edition, to always receive specific IP addresses

More information

Response Policy Zones for the Domain Name System (DNS RPZ) By Paul Vixie, ISC (et.al.) 2010 World Tour

Response Policy Zones for the Domain Name System (DNS RPZ) By Paul Vixie, ISC (et.al.) 2010 World Tour Response Policy Zones for the Domain Name System (DNS ) By Paul Vixie, ISC (et.al.) 2010 World Tour Overview Motivation for DNS Response Policy Zones Relationship to DNS RBL (DNSBL) Constraints and Goals

More information

The F5 Intelligent DNS Scale Reference Architecture.

The F5 Intelligent DNS Scale Reference Architecture. The F5 Intelligent DNS Scale Reference Architecture. End-to-end DNS delivery solutions from F5 maximize the use of organizational resources, while remaining agile and intelligent enough to scale and support

More information

Flexible Training Options to Make the Most of Your IPAM Deployment

Flexible Training Options to Make the Most of Your IPAM Deployment Training Services Flexible Training Options to Make the Most of Your IPAM Deployment BlueCat offers a full curriculum of technical training to provide your staff with the knowledge and skills they need

More information

Content Delivery and the Natural Evolution of DNS

Content Delivery and the Natural Evolution of DNS Content Delivery and the Natural Evolution of DNS Remote DNS Trends, Performance Issues and Alternative Solutions John S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante Northwestern University

More information

Ensuring Business Continuity and Disaster Recovery with Coyote Point Systems Envoy

Ensuring Business Continuity and Disaster Recovery with Coyote Point Systems Envoy Ensuring Business Continuity and Disaster Recovery with Coyote Point Systems Envoy WHITE PAPER Prepared by: Lisa Phifer Core Competence, Inc. As e-business quickly becomes the norm, virtually every enterprise

More information

Registry Update. John Dickinson. Nominet UK

Registry Update. John Dickinson. Nominet UK Registry Update John Dickinson Nominet UK Registry Update What Nominet does Recent technical changes and future plans What Nominet does UK Domain Name Registry Delegated to provide name resolution for.uk

More information

Network Registrar Data Backup and Recovery Strategies

Network Registrar Data Backup and Recovery Strategies White Paper Network Registrar Data Backup and Recovery Strategies White Paper 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 7 Introduction...

More information

Configuring Failover

Configuring Failover Configuring Failover 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective

More information

Application and service delivery with the Elfiq idns module

Application and service delivery with the Elfiq idns module Technical White Paper Application and service delivery with the Elfiq idns module For Elfiq Operating System (EOS) version 3.x Document Revision 1.63 June 2012 Table of Contents 1. The IDNS module... 3

More information

Disaster Recovery White Paper

Disaster Recovery White Paper Introduction Remote access plays a critical role in successfully executing a business recovery plan both in terms of providing access for existing remote users and accommodating the potential increase

More information

Internet Resiliency and Recovery

Internet Resiliency and Recovery Internet Resiliency and Recovery Scott Hofer Executive Network Architect Scott Hofer, Executive Network Architect, IBM IBM Certified Executive Network IT Specialist M.S. Telecommunications 11 years with

More information

Enterprise Buyer Guide

Enterprise Buyer Guide Enterprise Buyer Guide Umbrella s Secure Cloud Gateway vs. Web Proxies or Firewall Filters Evaluating usability, performance and efficacy to ensure that IT teams and end users will be happy. Lightweight

More information

Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD)

Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Enterprise Cloud Resource Pool Services Features Sungard AS will provide the following in connection

More information

DNS zone transfers from FreeIPA to non-freeipa slave servers

DNS zone transfers from FreeIPA to non-freeipa slave servers FreeIPA Training Series DNS zone transfers from FreeIPA to non-freeipa slave servers FreeIPA 3.0 and bind-dyndb-ldap 2.3 Petr Špaček 01-03-2013 Text file based

More information

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON

GLOBAL SERVER LOAD BALANCING WITH SERVERIRON APPLICATION NOTE GLOBAL SERVER LOAD BALANCING WITH SERVERIRON Growing Global Simply by connecting to the Internet, local businesses transform themselves into global ebusiness enterprises that span the

More information

Securing an Internet Name Server

Securing an Internet Name Server Securing an Internet Name Server Cricket Liu cricket@verisign.com Securing an Internet Name Server Name servers exposed to the Internet are subject to a wide variety of attacks: Attacks against the name

More information

Alteon Global Server Load Balancing

Alteon Global Server Load Balancing Alteon Global Server Load Balancing Whitepaper GSLB Operation Overview Major Components Distributed Site Monitoring Distributed Site State Protocol Internet Topology Awareness DNS Authoritative Name Server

More information

Lecture 2 CS 3311. An example of a middleware service: DNS Domain Name System

Lecture 2 CS 3311. An example of a middleware service: DNS Domain Name System Lecture 2 CS 3311 An example of a middleware service: DNS Domain Name System The problem Networked computers have names and IP addresses. Applications use names; IP uses for routing purposes IP addresses.

More information

Four Reasons To Outsource Your DNS

Four Reasons To Outsource Your DNS Four Reasons To Outsource Your DNS Your company s website is up. Servers are churning transactions. The network is pumping data. Life is good. But everything in IT can change quickly. Today s slightly

More information

FAQ (Frequently Asked Questions)

FAQ (Frequently Asked Questions) FAQ (Frequently Asked Questions) Specific Questions about Afilias Managed DNS What is the Afilias DNS network? How long has Afilias been working within the DNS market? What are the names of the Afilias

More information

Using DNS SRV to Provide High Availability Scenarios

Using DNS SRV to Provide High Availability Scenarios AN-SBC-100 Sangoma Session Border Controllers Using DNS SRV to Provide High Availability Scenarios Contents 1. Sangoma Session Border Controllers - High Availability Solution...1 2. What is DNS SRV?...1

More information

Microsoft Exchange Load Balancing. Unique Applied Patent Technology By XRoads Networks

Microsoft Exchange Load Balancing. Unique Applied Patent Technology By XRoads Networks Microsoft Exchange Load Balancing Unique Applied Patent Technology By XRoads Networks Microsoft Exchange Server Balancing The following is an introduction and overview as to how the EdgeXOS appliances

More information

Networking Domain Name System

Networking Domain Name System System i Networking Domain Name System Version 6 Release 1 System i Networking Domain Name System Version 6 Release 1 Note Before using this information and the product it supports, read the information

More information

Choosing a Content Delivery Method

Choosing a Content Delivery Method Choosing a Content Delivery Method Executive Summary Cache-based content distribution networks (CDNs) reach very large volumes of highly dispersed end users by duplicating centrally hosted video, audio

More information

A High-Availability Architecture for the Dynamic Domain Name System

A High-Availability Architecture for the Dynamic Domain Name System A High-Availability Architecture for the Dynamic Domain Name System Geoffrey G. Filippi Thesis submitted to the faculty of the Virginia Polytechnic Institute and State University in partial fulfillment

More information

Pre Delegation Testing (PDT) Frequently Asked Questions (FAQ)

Pre Delegation Testing (PDT) Frequently Asked Questions (FAQ) Pre Delegation Testing (PDT) Frequently Asked Questions (FAQ) [Ver 1.7 2013-06- 04] List of contents General questions Who do I contact with questions about Pre- Delegation Testing?... 3 What is the process

More information

Neustar UltraDNS Managed DNS

Neustar UltraDNS Managed DNS Neustar UltraDNS Managed DNS Neustar UltraDNS Service Definition In Accordance with the ITT Open Procedure Crown Commercial Service G-Cloud 6 Submitted by NeuStar, Inc. ( Neustar ) Venture House, 42-54

More information

How To Understand The Power Of A Content Delivery Network (Cdn)

How To Understand The Power Of A Content Delivery Network (Cdn) Overview 5-44 5-44 Computer Networking 5-64 Lecture 8: Delivering Content Content Delivery Networks Peter Steenkiste Fall 04 www.cs.cmu.edu/~prs/5-44-f4 Web Consistent hashing Peer-to-peer CDN Motivation

More information

APNIC IPv6 Deployment

APNIC IPv6 Deployment APNIC IPv6 Deployment Ulaanbaatar, Mongolia 19 October 2015 Issue Date: Revision: Overview Deployment motivation Network deployment IPv6 Services deployment IPv6 Anycast service IPv6 Cloud service Summary

More information

Automatic Configuration of Slave Nameservers (BIND 9.7.2 only)

Automatic Configuration of Slave Nameservers (BIND 9.7.2 only) DNSSHIM 1 DNSSHIM is an open-source software that implements the Domain Name Name System (DNS) protocol for the Internet. Its main feature is to work as a Hidden Master nameserver, that is, provide information

More information

Meeting Worldwide Demand for your Content

Meeting Worldwide Demand for your Content Meeting Worldwide Demand for your Content Evolving to a Content Delivery Network A Lucent Technologies White Paper By L. R. Beaumont 4/25/01 Meeting Worldwide Demand for your Content White Paper Table

More information

Panorama High Availability

Panorama High Availability Panorama High Availability Palo Alto Networks Panorama Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054

More information

BT Internet Connect Global - Annex to the General Service Schedule

BT Internet Connect Global - Annex to the General Service Schedule 1. Definitions The following definitions apply, in addition to those in the General Terms and Conditions and the General Services Schedule. ARP means Address Resolution Protocol. Border Gateway Protocol

More information

Advanced Farm Administration with XenApp Worker Groups

Advanced Farm Administration with XenApp Worker Groups WHITE PAPER Citrix XenApp Advanced Farm Administration with XenApp Worker Groups XenApp Product Development www.citrix.com Contents Overview... 3 What is a Worker Group?... 3 Introducing XYZ Corp... 5

More information

F5 and Infoblox DNS Integrated Architecture Offering a Complete Scalable, Secure DNS Solution

F5 and Infoblox DNS Integrated Architecture Offering a Complete Scalable, Secure DNS Solution F5 and Infoblox DNS Integrated Architecture Offering a Complete Scalable, Secure DNS Solution As market leaders in the application delivery market and DNS, DHCP, and IP Address Management (DDI) market

More information

1 2014 2013 Infoblox Inc. All Rights Reserved. Talks about DNS: architectures & security

1 2014 2013 Infoblox Inc. All Rights Reserved. Talks about DNS: architectures & security 1 2014 2013 Infoblox Inc. All Rights Reserved. Talks about DNS: architectures & security Agenda Increasing DNS availability using DNS Anycast Opening the internal DNS Enhancing DNS security DNS traffic

More information

Reliable DNS and DHCP for Microsoft Active Directory

Reliable DNS and DHCP for Microsoft Active Directory WHITEPAPER Reliable DNS and DHCP for Microsoft Active Directory Protecting and Extending Active Directory Infrastructure with Infoblox Appliances Microsoft Active Directory (AD) is the distributed directory

More information

DOSarrest External MULTI-SENSOR ARRAY FOR ANALYSIS OF YOUR CDN'S PERFORMANCE IMMEDIATE DETECTION AND REPORTING OF OUTAGES AND / OR ISSUES

DOSarrest External MULTI-SENSOR ARRAY FOR ANALYSIS OF YOUR CDN'S PERFORMANCE IMMEDIATE DETECTION AND REPORTING OF OUTAGES AND / OR ISSUES .com DOSarrest External Monitoring S ystem (DEMS) User s Guide REAL BROWSER MONITORING OF YOUR WEBSITE MULTI-SENSOR ARRAY FOR ANALYSIS OF YOUR CDN'S PERFORMANCE IMMEDIATE DETECTION AND REPORTING OF OUTAGES

More information

How To Manage Dns On An Elfiq Link Load Balancer (Link Balancer) On A Pcode (Networking) On Ipad Or Ipad (Netware) On Your Ipad On A Ipad At A Pc Or Ipa

How To Manage Dns On An Elfiq Link Load Balancer (Link Balancer) On A Pcode (Networking) On Ipad Or Ipad (Netware) On Your Ipad On A Ipad At A Pc Or Ipa White paper The IDNS module for incoming load balancing For Elfiq Operating System (EOS) version 3.x Document Revision 1.5 October 2007 Elfiq Solutions www.elfiq.com COPYRIGHT The content of this document

More information

Portal Administration. Administrator Guide

Portal Administration. Administrator Guide Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec

More information

Leveraging Best Practices for SolarWinds IP Address Manager

Leveraging Best Practices for SolarWinds IP Address Manager Leveraging Best Practices for SolarWinds IP Address Manager Share: Leveraging Best Practices for SolarWinds IPAM SolarWinds IP Address Manager (IPAM) is a comprehensive IP address management solution that

More information

dnsperf DNS Performance Tool Manual

dnsperf DNS Performance Tool Manual dnsperf DNS Performance Tool Manual Version 2.0.0 Date February 14, 2012 Copyright 2002-2012, Inc. - All Rights Reserved This software and documentation is subject to and made available pursuant to the

More information

High Availability for Citrix XenApp

High Availability for Citrix XenApp WHITE PAPER Citrix XenApp High Availability for Citrix XenApp Enhancing XenApp Availability with NetScaler Reference Architecture www.citrix.com Contents Contents... 2 Introduction... 3 Desktop Availability...

More information

Web Application Hosting Cloud Architecture

Web Application Hosting Cloud Architecture Web Application Hosting Cloud Architecture Executive Overview This paper describes vendor neutral best practices for hosting web applications using cloud computing. The architectural elements described

More information

HUAWEI OceanStor 9000. Load Balancing Technical White Paper. Issue 01. Date 2014-06-20 HUAWEI TECHNOLOGIES CO., LTD.

HUAWEI OceanStor 9000. Load Balancing Technical White Paper. Issue 01. Date 2014-06-20 HUAWEI TECHNOLOGIES CO., LTD. HUAWEI OceanStor 9000 Load Balancing Technical Issue 01 Date 2014-06-20 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2014. All rights reserved. No part of this document may be

More information

DOMAIN NAME SECURITY EXTENSIONS

DOMAIN NAME SECURITY EXTENSIONS DOMAIN NAME SECURITY EXTENSIONS The aim of this paper is to provide information with regards to the current status of Domain Name System (DNS) and its evolution into Domain Name System Security Extensions

More information

Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution

Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution White Paper January 2012 Radware GSLB Solution White Paper Page 1 Table of Contents 1. EXECUTIVE SUMMARY... 3 2. GLOBAL

More information

Domain Name Service (DNS) Training Division, NIC New Delhi

Domain Name Service (DNS) Training Division, NIC New Delhi Domain Name Service (DNS) Training Division, NIC New Delhi Domain Name Service (DNS) I. History of DNS II. DNS structure and its components III. Functioning of DNS IV. Replicating DNS V. Dynamic update

More information

DNSSEC and DNS Proxying

DNSSEC and DNS Proxying DNSSEC and DNS Proxying DNS is hard at scale when you are a huge target 2 CloudFlare DNS is big 3 CloudFlare DNS is fast 4 CloudFlare DNS is always under attack 5 CloudFlare A secure reverse proxy for

More information

Security in the Network Infrastructure - DNS, DDoS,, etc.

Security in the Network Infrastructure - DNS, DDoS,, etc. Security in the Network Infrastructure - DNS, DDoS,, etc. GTER, São Paulo December 8, 2006 Steve Crocker, steve@shinkuro.com Russ Mundy, mundy@sparta.com Proactive Security Build security into the infrastructure

More information

Basic DNS Course. Module 1. DNS Theory. Ron Aitchison ZYTRAX, Inc. Page 1 of 24

Basic DNS Course. Module 1. DNS Theory. Ron Aitchison ZYTRAX, Inc. Page 1 of 24 Basic DNS Course Module 1 Ron Aitchison ZYTRAX, Inc. Page 1 of 24 The following are the slides used in this Module of the course. Some but not all slides have additional notes that you may find useful.

More information

Protecting Critical Websites and Internet Infrastructure using innovative cloud-based. Managed Services

Protecting Critical Websites and Internet Infrastructure using innovative cloud-based. Managed Services Protecting Critical Websites and Internet Infrastructure using innovative cloud-based Domain Name System Managed Services Businesses demand internet connectivity, security and resilience to achieve success

More information

Best Practices in DNS Anycast Service-Provision Architecture. Version 1.1 March 2006 Bill Woodcock Gaurab Raj Upadhaya Packet Clearing House

Best Practices in DNS Anycast Service-Provision Architecture. Version 1.1 March 2006 Bill Woodcock Gaurab Raj Upadhaya Packet Clearing House Best Practices in DNS Service-Provision Architecture Version 1.1 March 2006 Bill Woodcock Gaurab Raj Upadhaya Packet Clearing House It s all Large ISPs have been running production anycast DNS for more

More information

BIG IP Global Traffic Manager (GTM) v.11

BIG IP Global Traffic Manager (GTM) v.11 BIG IP Global Traffic Manager (GTM) v.11 This two day course gives networking professionals a functional understanding of the BIG IP GTM system as it is commonly used. The course covers installation, configuration,

More information

Evaluation Guide. Powerful & Immediate Business Web Security via the Cloud

Evaluation Guide. Powerful & Immediate Business Web Security via the Cloud Evaluation Guide Powerful & Immediate Business Web Security via the Cloud Contents 1 Introduction & Product highlights 2 Set up & Configuration 3 Managing your WebTitan Cloud Service 4 Reporting 5 Support

More information