Back in the mists of time, in the early 1980s, the Domain Name System (DNS) was born.
The emerging Internet needed a phone book, a way to put numbers to names and navigate the web. The numbers were IP addresses, of course, and the names belonged to domains, like Symbolics.com, the very first shingle hung out in cyberspace.
Ronald Reagan was president, Madonna ruled the pop charts and the Internet wasn’t called the Internet yet. It was still known as ARPANET. Bonus points if you know the acronym. And hey, no cheating by using, you know, the Internet.
In its infancy, DNS met a purely technical need.
It was a routing and addressing solution, pure and simple, a little understood way to connect to websites in milliseconds. Or, in the words of one DNS expert, a kind of “voodoo technology.” Designed by engineers for other engineers, nothing the folks in pinstripes needed to worry their pretty little heads over.
And in its basic form, DNS is still that. Unlike shoulder pads on dresses, hair bands and Pong, rudimentary DNS is still widely embraced, but only as a foundation. The Internet has grown up fast and like any adolescent, it’s made strident demands – some of them quite reasonable from a business point of view.
Over time, DNS has grown to meet business needs too.
As the Internet and ecommerce grew, routing customers to websites quickly and securely became the equivalent of building your store in a well-lit neighborhood with access to good roads. Managing your piece of the domain name system became a critical task. Doing it well had a real impact on the bottom line, especially as start-ups became commercial powerhouses.
Following are 4 ways to build on your DNS and do your humble part to speed business growth.
Some of these best practices map to business performance, others to cyber security. All are hallmarks of companies with a substantial online presence. Which is to say, those with a lot at risk out there on the web.
1. Get Serious About Managing Traffic.
Here are two proven ways (with a third to follow).
Weighted Load Balancing
Your global DNS traffic is probably routed through multiple resources: data centers, cloud providers, content delivery networks, etc. To distribute the load efficiently, many companies rely on traditional load balancing, which routes DNS requests in simple round-robin fashion.
Weighted load balancing ups the ante by assigning weights (percentages) to your computing resources. In other words, 25% of DNS requests might go to server A, 25% to server B and 50% to server C. If server C is suddenly overloaded, your solution dynamically lowers its weight and assigns more traffic to B or C, thanks to monitoring probes that measure server performance. Some solutions even support custom probes based on specific requirements, for instance, proprietary applications that communicate on non-standard ports.
The upshot: reduced latency and dropped requests, ensuring that your customers enjoy fast, seamless service.
Some weighted load balancing solutions come with automated failover. When a resource underperforms and is in danger of failing, traffic is automatically rerouted, flowing to other resources until the problem is fixed. Again, global monitoring agents probe selected servers, conducting standard protocol or transaction-based testing. If a server exceeds thresholds for acceptable performance, your system concludes the resource is down and launches failover. It’s protection against outages and lost revenues.
Business value: More reliable global service and happier customers.
2. Localize DNS Responses with Origin-based Routing.
Origin-based routing is another means of managing traffic. It lets you respond to DNS requests based on their geographic origin, whether the user is in Seattle, Atlanta or Shanghai. If a request comes from China, your Asian or West Coast server responds, not a resource in Cleveland. The result is speedier, more reliable and more functional service.
Knowing the user’s location also allows your website to display more relevant content like local news or product offers. How great is that? Let us count the ways:
- Optimize network performance
- Make the most of your first customer touch point, with customized offers, images and more
- Display the right language and currency for international customers
- List the closest stores and boost brick-and-mortar sales
Business value: Faster service and the custom content customers expect.
3. Make Sure Your Recursive DNS Protects Against Growing Threats.
When someone in your business types an Internet address, a recursive server is normally responsible for finding the right answer. It caches DNS answers for a predetermined time, so the next time someone looks up a domain with current information, you’re spared the hassle of searching all over the Internet, which in turn can save valuable time and bandwidth. If your recursive service is poor or fails, your productivity slips. That’s why recursive DNS must be fast, reliable and highly secure.
Regarding the latter, a good recursive solution offers category-based filtering to stop inappropriate requests (think gambling or porn sites) before they reach your network. You’ll also want the ability to block specific sites. The benefits of filtering: you can eliminate bad traffic that might otherwise clog your network and ensure that employees won’t be distracted by non-compliant sites, some of which may contain malware or other threats.
You can protect your business from:
- Malware sites
- Spyware sites
- Phishing sites
- Sites with excessive or improper advertising
Business value: Faster service and the custom content customers expect.
4. Protect Your DNS & Bottom Line from DDoS Attacks.
Distributed denial of service (DDoS) attacks make headlines daily. By knocking businesses offline, they damage revenue, customer service and public confidence. DNS is a popular DDoS attack vector, either as an initial target or a Plan B when other vectors (websites, email servers, APIs) are well defended and attackers begin to improvise.
For example, in June 2013 PC World reported that large-scale DDoS attacks targeted the DNS servers of three different providers of domain name management and DNS hosting services. One was hit by a technique known as DNS reflection or DNS amplification. Queries from a spoofed IP address – the victim’s – flooded the company with ANY requests for a range of domains it managed. This amplified the small queries into much larger responses aimed at a specific network, taxing bandwidth for days.
If you manage DNS in house, be sure it’s part of any internal DDoS protection planning. If your ISP supplies DDoS protection, ask detailed questions about DNS coverage. A growing number of cloud-based services offer DDoS protection too. Whichever way you go, don’t make DNS security a mere afterthought.
“DDoS mitigation … must be included in all Internet service procurements when the business depends on the availability of Internet connectivity.”—John Pescatore, VP and Research Fellow, Gartner Research
Business value: If your DNS goes down, so does your online presence.
More robust DNS can give you:
- More efficient traffic management
- Faster, better service
- Protection from DDoS attacks
- Protection from malware and other threats
- Greater site availability
- Custom web content
- A more relevant customer experience
- Major business value
For each of these benefits, you don’t have to connect too many dots to get to the bottom line. So whether you add to your DNS in house, via your ISP or through a managed service provider, smart choices mean great returns. Not bad for voodoo, huh?