Editor’s Note: This is a guest blog post by Kameerath Kareem, of Catchpoint.
The DNS (Domain Name System) is one of the most critical, and one of the most frequently attacked, components of the Internet. Website availability can be directly impacted by changes made to DNS records, which can in turn degrade the digital experience. Cache poisoning, hijacking, spoofing and DDoS attacks are some of the ways attackers abuse DNS to take a site offline or redirect its users.
Methods to optimize DNS performance focus mainly on caching DNS records in different geographic locations, reducing the number of queries that reach the authoritative name servers, and reducing the latency of those queries themselves. The authoritative servers are queried only when a record is not in the cache or the cached copy has expired. This ties DNS propagation directly to website availability and performance. Updates or changes to DNS records take time to be reflected across the Internet, and that time is influenced by factors such as:
- The TTL (Time to Live) settings
- DNS settings on the ISP (Internet Service Provider)
Recursive DNS servers cache a domain's records for the period set by the TTL value on each record, and request fresh copies from the authoritative servers once the TTL expires. The shorter the TTL, the faster a change propagates, but the more often resolvers have to go back to the authoritative name servers; that extra load can slow the authoritative servers, and every uncached lookup costs the user an extra round trip. The higher the TTL, the longer updates to the domain's zone file take to propagate.
By default, the end-user experience depends on the DNS resolvers of the Internet service provider. ISPs cache DNS records to cut down on unnecessary round trips and speed up resolution. Some ISP resolvers keep records longer than the TTL the domain set, ignoring it and holding the cached answer for 2-3 days before querying for fresh data. There are several reasons this practice is common among some ISPs:
- Domain administrators may set the TTL too low, which piles up DNS requests at the resolver and at the authoritative servers and adds to their overhead.
- During a site migration, the administrator may lower the TTL to the smallest value the DNS server allows, to minimize downtime. The low TTL results in a higher frequency of DNS requests and, for every lookup that misses the cache, adds to the page load time.
- Serving answers from cache saves the ISP upstream queries and lets the site resolve, and therefore load, faster.
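To make the trade-off above concrete, here is an added example (not code from the post or from Catchpoint) that models a recursive resolver in front of an authoritative server. It counts how often each TTL sends resolvers back to the authoritative server, shows how long clients keep getting the old address after a zone change, and models an ISP resolver that enforces its own minimum TTL, which is the override described above. The domain name, addresses and timings are constructed.

```python
"""Resolver cache model: how TTL sets the propagation delay of a zone change,
and how a resolver that enforces its own minimum TTL stretches that delay.

Added example for this post; it models the behaviour described in the text
rather than reproducing any ISP's or Catchpoint's code. Names, addresses
and times are constructed."""
from dataclasses import dataclass


@dataclass
class Record:
    rdata: str   # e.g. an IPv4 address for an A record
    ttl: int     # seconds the zone allows caches to keep this answer


@dataclass
class CacheEntry:
    rdata: str
    expires_at: int  # absolute time (seconds) after which the entry is stale


class AuthoritativeServer:
    """Holds the zone and counts how often recursive resolvers come back to it."""

    def __init__(self, zone):
        self.zone = dict(zone)
        self.queries = 0

    def lookup(self, name):
        self.queries += 1
        return self.zone[name]

    def update(self, name, new_rdata):
        # Zone change (e.g. a migration): same TTL, new address.
        self.zone[name] = Record(new_rdata, self.zone[name].ttl)


class RecursiveResolver:
    """Caches answers for their TTL. `min_ttl` models an ISP resolver that
    refuses to honour short TTLs and keeps records at least that long."""

    def __init__(self, authoritative, min_ttl=0):
        self.authoritative = authoritative
        self.min_ttl = min_ttl
        self.cache = {}

    def resolve(self, name, now):
        """Return (rdata, remaining_ttl) as a client (or dig) would see it."""
        entry = self.cache.get(name)
        if entry is not None and entry.expires_at > now:
            return entry.rdata, entry.expires_at - now
        record = self.authoritative.lookup(name)
        ttl = max(record.ttl, self.min_ttl)  # the TTL override, if configured
        self.cache[name] = CacheEntry(record.rdata, now + ttl)
        return record.rdata, ttl


def simulate_change(zone_ttl, change_at, horizon, min_ttl=0, query_every=1):
    """Clients query www.example.com every `query_every` seconds for `horizon`
    seconds; the zone's A record changes at `change_at`.
    Returns (time at which clients first see the new address, or None if they
    never do within the horizon; number of queries that reached the
    authoritative server)."""
    name = "www.example.com"
    old_ip, new_ip = "192.0.2.1", "198.51.100.7"  # constructed (RFC 5737 ranges)
    auth = AuthoritativeServer({name: Record(old_ip, zone_ttl)})
    resolver = RecursiveResolver(auth, min_ttl=min_ttl)
    first_seen_new = None
    for now in range(0, horizon, query_every):
        if now == change_at:
            auth.update(name, new_ip)
        rdata, _remaining = resolver.resolve(name, now)
        if first_seen_new is None and rdata == new_ip:
            first_seen_new = now
    return first_seen_new, auth.queries


if __name__ == "__main__":
    one_day = 24 * 3600
    scenarios = [
        ("TTL 60 s, resolver honours TTL", 60, 0),
        ("TTL 300 s, resolver honours TTL", 300, 0),
        ("TTL 300 s, ISP floor of 2 days", 300, 2 * one_day),
    ]
    for label, zone_ttl, floor in scenarios:
        seen, hits = simulate_change(zone_ttl, change_at=100,
                                     horizon=3 * one_day, min_ttl=floor)
        print(f"{label}: new address visible at t={seen}s, "
              f"authoritative queries over 3 days={hits}")
```

The three scenarios show the tension in the text: a 60 s TTL propagates the change within two minutes but sends the resolver back to the authoritative server more than 4,000 times in three days, a 300 s TTL takes up to five minutes and one fifth of the queries, and a resolver that floors TTLs at two days serves the old address for two days regardless of what the zone says.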
Content from popular, high-traffic websites is often cached inside ISP networks alongside the DNS records, to ensure higher speed and performance. Google operates its own cache servers around the world for this purpose, the Google Global Cache or GGC.
“Our edge nodes (called Google Global Cache, or GGC) represent the tier of Google’s infrastructure closest to our users. With our edge nodes, network operators and internet service providers deploy Google-supplied servers inside their network.” – Google
GGC servers are deployed inside ISP networks to cache Google content close to users, which shortens the path to that content and makes a fast digital experience possible. This is part of what lets users stream YouTube videos smoothly even over slower network connections.
Does this impact user experience?
Changes to DNS records take time to propagate across the Internet. Consider a domain whose NS records have a high TTL. When the domain is moved to a new DNS hosting provider, resolvers keep sending end users to the old DNS server until that TTL expires. (The NS TTL that matters here is usually the one published by the parent zone; for .com delegations it is 172800 seconds, two days.) Users may therefore be served outdated data, or be sent to an older version of the same site, until the TTL expires and the ISP's resolver discards the cached records. This can impact the user's digital experience negatively.
Issues resulting from stale DNS records are difficult to troubleshoot. Catchpoint offers several DNS monitors, one of which is the DNS Experience test. Our last mile nodes, located around the world and connected to different ISPs, let you query each ISP's resolver and display the DNS records it has cached. This effectively gives a view of what the global DNS recursives are serving right now.
DNS monitoring lets you measure DNS latency and availability. Take Amazon.com as an example: running a DNS Experience test from our last mile nodes on Comcast and Sprint in New York gives a snapshot of what is in each ISP's cache.
These tests let you see under the hood and understand performance issues better. With the data collected through DNS monitoring, you can analyze the DNS cache that is otherwise visible only to the ISP.
ISPs use DNS caching to manage traffic and improve user experience: caching makes DNS resolution faster and cuts down the overall page load time. Ignoring the TTL set for the domain, however, is not an ideal way to optimize DNS performance. It delays the propagation of changes made to the DNS records, which results in a poor digital experience for users, and it lengthens the window in which a stale, or poisoned, record keeps being served after the authoritative zone has been corrected. It also makes troubleshooting website availability issues complicated when domain administrators are unaware of the caching practices of the ISPs their users rely on.
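What such a test lets you see is the gap between an ISP resolver's cached answer and the authoritative one. The script below is an added example, not Catchpoint's tooling: it parses the text output of `dig` (the format produced by BIND's dig is assumed) for a query to a recursive resolver and for a query to the authoritative server, and reports whether the cached record is stale, roughly how long it has sat in the cache, and whether the resolver is holding it longer than the zone's TTL allows. Both dig transcripts are constructed, with RFC 5737 addresses; replace them with the output of `dig @<isp-resolver> www.example.com A` and `dig @<authoritative-ns> www.example.com A` to check a real domain.

```python
"""Read a recursive resolver's cached view of a record out of dig output and
compare it with the authoritative answer.

Added example for this post, not Catchpoint's code. Both dig transcripts
below are constructed; the addresses are from RFC 5737 documentation ranges."""
import re

# Constructed: what an ISP recursive resolver answered some time after caching
# the record. The TTL shown by a recursive resolver is the *remaining* TTL.
ISP_DIG = """\
; <<>> DiG 9.18.1 <<>> @203.0.113.53 www.example.com A
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4821
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
www.example.com.\t95\tIN\tA\t192.0.2.1

;; Query time: 2 msec
"""

# Constructed: the authoritative server after a migration to a new address.
# The "aa" flag marks an authoritative answer; the TTL is the zone's full TTL.
AUTH_DIG = """\
; <<>> DiG 9.18.1 <<>> @ns1.example.com www.example.com A
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1172
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
www.example.com.\t300\tIN\tA\t198.51.100.7

;; Query time: 41 msec
"""

# Constructed: a resolver handing out a TTL far above the zone's 300 s,
# i.e. one that is overriding the domain's TTL with its own floor.
CLAMPED_DIG = ISP_DIG.replace("\t95\t", "\t172650\t")

# owner  TTL  IN  type  rdata   (dig prints these tab-separated)
RR_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+)$")


def parse_answer_section(dig_text):
    """Return [(owner, ttl, type, rdata), ...] from dig's ANSWER SECTION."""
    records = []
    in_answer = False
    for line in dig_text.splitlines():
        if line.startswith(";; ANSWER SECTION:"):
            in_answer = True
            continue
        if in_answer:
            if not line.strip():
                break  # blank line ends the section
            match = RR_RE.match(line)
            if match:
                owner, ttl, rtype, rdata = match.groups()
                records.append((owner, int(ttl), rtype, rdata.strip()))
    return records


def is_authoritative_answer(dig_text):
    """True when the responding server set the AA flag, i.e. it answered from
    its own zone data rather than from a cache."""
    match = re.search(r"^;; flags:([^;]*);", dig_text, re.MULTILINE)
    return bool(match) and "aa" in match.group(1).split()


def compare_with_authoritative(cached_text, auth_text):
    """For each record the resolver returned, report whether it is stale,
    whether its TTL exceeds the zone's, and how long it has been cached."""
    if not is_authoritative_answer(auth_text):
        raise ValueError("reference answer lacks the AA flag; not authoritative")
    zone = {}
    for owner, ttl, rtype, rdata in parse_answer_section(auth_text):
        zone.setdefault((owner, rtype), (ttl, set()))[1].add(rdata)
    findings = []
    for owner, ttl, rtype, rdata in parse_answer_section(cached_text):
        zone_ttl, zone_values = zone[(owner, rtype)]
        findings.append({
            "name": owner, "type": rtype, "cached_rdata": rdata,
            "remaining_ttl": ttl,
            # the cache still serves an address the zone no longer has
            "stale": rdata not in zone_values,
            # the cache keeps the record longer than the zone allows
            "ttl_override": ttl > zone_ttl,
            # age of the cached copy, valid only if the resolver honoured the zone TTL
            "seconds_in_cache": None if ttl > zone_ttl else zone_ttl - ttl,
        })
    return findings


if __name__ == "__main__":
    for label, text in (("ISP resolver", ISP_DIG), ("TTL-clamping resolver", CLAMPED_DIG)):
        for finding in compare_with_authoritative(text, AUTH_DIG):
            print(label, finding)
```

The first transcript shows the post's migration problem: the ISP cache still holds 192.0.2.1 about 205 seconds after fetching it, while the zone already points at 198.51.100.7. The second shows the override case: a remaining TTL of 172650 s can only come from a resolver that replaced the zone's 300 s with its own floor, so the record's age cannot be inferred from the TTL at all.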