(This is a guest post from Mehdi Daoudi, CEO and Co-Founder of Catchpoint)
After working with one of our clients earlier in August, I tweeted the following: “I am just amazed how many companies use their registrar’s DNS as primary DNS … not GOOD!”
I have previously talked on our blog about the importance of DNS to web performance, but in reply to the tweet I received several questions, making it clear that registrar-provided DNS needed a discussion of its own.
This is that discussion.
Usually a company buys a domain from a registrar (GoDaddy, Network Solutions, 1and1, etc.) and then either delegates the domain to its own DNS servers, relies on a third-party service to manage it (Dyn, Cotendo, Verisign, Nominum, Cloudfloor, UltraDNS, DNSmadeeasy, etc.), or relies on the registrar’s own DNS service.
Don’t get me wrong: the DNS service offered by a registrar is more than sufficient for the great majority of websites on the internet, such as blogs, personal sites or sites with a small presence.
Even if you run a medium-sized website, a registrar’s DNS can work just fine if you rely on long TTLs and don’t need advanced features such as geographic load balancing or fast failover.
On the other hand, a registrar’s DNS is probably not your best choice if you run a website with a global presence where web performance is key to your success, or if you are a third-party service whose performance affects your clients (ad serving, for example) and you have SLAs to meet.
Additionally, if you rely on CDNs to serve your static content, why rely on a registrar for the DNS entries that point to the CDN? You are investing in speed, so you might as well invest in every component that affects speed, and DNS is the first one a visitor hits.
Registrars usually offer DNS for free, and the price often shows in the performance. Keep in mind that not all registrars are equal: their level of investment in infrastructure varies, and so does their quality.
The most common reasons why a registrar’s DNS performance can be poor:
- Their DNS servers are not well distributed geographically and/or do not use technologies like IP Anycast to route DNS queries to the closest server.
- Their ISP peering points may be limited.
- Their DNS servers are not the fastest or not reliable. We have seen many timeouts as a direct result of poor performance from registrar-provided DNS.
At Catchpoint, we monitor DNS performance from multiple geographic locations using three distinct methods:
- Measure DNS resolution as part of web performance monitoring, going through a DNS resolver and respecting TTLs, which is what a real visitor’s browser experiences.
- Emulate a DNS resolver (perform the recursive queries needed to resolve the domain) starting from a clean cache, so every lookup is measured uncached.
- Directly query a specific NS server and measure the performance of that server alone.
Two client cases: performance problems
To protect the privacy of our clients we are not making public who they are, the domains, or the registrars.
Example 1: A Catchpoint client observed multiple DNS failures through our IE8 browser-based monitoring. The client relied on a registrar to host the CNAME pointing to their CDN. We analyzed which NS servers were involved in the domain resolution and ran a performance analysis for each server.
The following scatterplot displays the raw data collected by the IE8 agent over a three-day period in February/March 2011:
Each red dot represents a failure to resolve DNS, and all of them were caused by the registrar’s name servers.
Example 2: An ad serving company relied on a registrar for its DNS. It was experiencing slow performance and large impression discrepancies compared with other ad serving solutions. The following chart shows the response time of a simple ad call alongside its DNS resolution time.
At Webperf meetups, I emphasize that when monitoring web performance it is vital to see the entire picture, and that picture includes DNS. DNS is the first, critical link between you and your customers.
Recommendations on DNS handling
- Avoid short TTLs where possible, especially if you must rely on registrar DNS infrastructure: a long TTL means resolvers ask the authoritative servers less often, so a slow or failing server hurts fewer visitors.
- Avoid multiple CNAMEs: each hop in the chain is one more lookup before the client gets an address.
- Use a distributed DNS infrastructure matched to your user base, or use third parties that specialize in DNS.
- When hosting your own DNS infrastructure, make sure you have the capacity to handle DDoS attacks and traffic surges.
- Use Catchpoint’s tools to effectively and reliably monitor your complete DNS response paths.
- Keep your internal LAN DNS records separate from your production DNS.
- Also check that your CDNs and other third parties rely on Anycast. Here’s an article from Patrick Meenan about the importance of Anycast and its impact on web performance.
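The third monitoring method described above (query one NS server directly and time it) and the first two recommendations (long TTLs, no CNAME chains) can both be checked with a small script. The following is an added example, not Catchpoint’s code or tooling: a stdlib-only Python DNS client that builds a non-recursive query, sends it straight to a name server with a hard timeout so a slow or dead server is reported as a failure instead of hanging the probe, parses the answer, and warns when the shortest TTL is below a threshold or the answer contains more than one CNAME hop. The domain names (www.example.test, cdn.example.test), the 198.51.100.7 address, the 3600-second and one-hop thresholds, and the embedded answer packet are all constructed for this example; the loopback fake server exists only so the script runs offline.

```python
import socket
import struct
import threading
import time

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "AAAA": 28}
TYPE_NAME = {v: k for k, v in QTYPE.items()}
TXID = 0x1234  # fixed transaction id so the constructed sample answer matches


def build_query(name, qtype="A", rd=False):
    """Wire-format query; rd=False (no recursion) is what a direct NS probe sends."""
    header = struct.pack("!HHHHHH", TXID, 0x0100 if rd else 0, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.strip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", QTYPE[qtype], 1)


def _read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                       # compression pointer
            end = off + 2 if end is None else end
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        if length == 0:
            return ".".join(labels), (end if end is not None else off + 1)
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def parse_response(msg):
    """Parse header, question and answer section into a summary dict."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        _, off = _read_name(msg, off)
        off += 4                                        # QTYPE + QCLASS
    records = []
    for _ in range(an):
        name, off = _read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen].hex()              # raw for types not decoded
        if rtype == QTYPE["CNAME"]:
            rdata = _read_name(msg, off)[0]
        elif rtype == QTYPE["A"]:
            rdata = ".".join(str(b) for b in msg[off:off + 4])
        off += rdlen
        records.append((name, TYPE_NAME.get(rtype, rtype), ttl, rdata))
    return {"txid": txid, "rcode": flags & 0xF, "authoritative": bool(flags & 0x0400),
            "records": records, "min_ttl": min((r[2] for r in records), default=None),
            "cname_hops": sum(1 for r in records if r[1] == "CNAME")}


def check_answer(parsed, min_ttl=3600, max_cname_hops=1):
    """Warn on short TTLs and CNAME chains; the thresholds are assumptions."""
    warnings = []
    if parsed["min_ttl"] is not None and parsed["min_ttl"] < min_ttl:
        warnings.append("min TTL %ds is below %ds" % (parsed["min_ttl"], min_ttl))
    if parsed["cname_hops"] > max_cname_hops:
        warnings.append("%d CNAME hops" % parsed["cname_hops"])
    return warnings


def time_ns_query(ns_ip, name, qtype="A", timeout=2.0, port=53):
    """Send one non-recursive query straight to a server and time it; timeouts are failures."""
    query, start = build_query(name, qtype), time.monotonic()
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            sock.sendto(query, (ns_ip, port))
            data, _ = sock.recvfrom(4096)
    except OSError as exc:                              # timeout, ICMP unreachable, ...
        err = "timeout" if isinstance(exc, socket.timeout) else type(exc).__name__
        return {"ok": False, "ms": (time.monotonic() - start) * 1000, "error": err, "answer": None}
    ms, answer = (time.monotonic() - start) * 1000, parse_response(data)
    # Without the AA bit a resolver answered, not the authority you meant to measure.
    ok = answer["txid"] == TXID and answer["rcode"] == 0 and answer["authoritative"]
    return {"ok": ok, "ms": ms, "error": None if ok else "bad answer", "answer": answer}


# Constructed sample (not captured traffic): authoritative answer for the hypothetical
# www.example.test with one CNAME hop to the CDN name; both records carry a 300 s TTL.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", TXID, 0x8400, 1, 2, 0, 0)      # QR=1, AA=1, RCODE=0
    + b"\x03www\x07example\x04test\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, 6) + b"\x03cdn\xc0\x10"
    + b"\xc0\x2e" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([198, 51, 100, 7])
)


def start_fake_ns(response, replies=True):
    """Loopback UDP 'name server' for offline runs: answers one query, or swallows it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))

    def serve():
        with srv:
            _, peer = srv.recvfrom(512)
            if replies:
                srv.sendto(response, peer)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    r = time_ns_query("127.0.0.1", "www.example.test", port=start_fake_ns(SAMPLE_RESPONSE))
    print(r["ok"], round(r["ms"], 2), check_answer(r["answer"]))
```

Against a real authority, `time_ns_query("<ns ip>", "www.yourdomain")` run from several vantage points approximates the direct-NS measurement the post describes; an answer without the AA bit is rejected because it means a resolver, not the authoritative server, replied. The second method (recursive emulation from a clean cache) is not shown here; it requires walking the delegation chain from the root servers.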
In conclusion, make sure you rely on the right DNS service for your needs. Just like any other purchase, there is a correlation between price, features and quality: free or cheap services do not offer the best speed and reliability, and they may lack features you need. If speed is key to the success of your company, invest in a third-party DNS service and make sure you configure it right.