3% of Websites Downed As DNS Service Fails: How to Eliminate Your Risk
Earlier this month, Yottaa Monitor detected that a number of websites had simultaneous and very similar performance issues.
The proliferation of a single type of performance problem is interesting regardless, but this case was especially urgent: the sites were entirely inaccessible for all visitors. That?s a big problem.
Even more alarming was the sheer number of sites that were experiencing downtime. After analyzing the stats, we found that, out of the tens of thousands of sites on Yottaa Monitor, around 3% were affected. In the wider Internet, the percentage was likely similar. We?re talking millions of sites potentially down for hours. This can have a hugely detrimental impact on conversions, user experience, and website credibility.
The cause of the issues, as reported by Yottaa Monitor, was DNS failure. Looking into the cause led us to a handful of name servers run by one of the world?s largest domain registrars, which services millions of domains. This registry service experienced failures in its DNS service for several days, and any sites with records tied to those downed name servers were totally inaccessible until the servers were back up.
Unless you own or work for one of these sites, you probably didn?t hear about the outage. That?s because throughout the time frame when major issues were present, there were no alerts sent from the company, and no updates on Twitter. At one point, one company source said the problems were caused by a DDOS attack, but no further information or updates were given. We still don?t know what happened.
Why Should I Care About My DNS Provider?
We are not reporting this outage to dish on a single provider, but instead to bring up an important web performance best practice: Care about your DNS!
The fact is it?s easy to forget about your DNS service. The service is either low-cost or free, and entirely hands-off except for when setting up a new website or page. But the simplicity and affordability say nothing of its importance.
DNS failure is catastrophic ? the site inaccessible to all visitors ? so even if failures are rare, they can be extremely costly. The truth is 100% uptime has to be the goal. There are plenty of performance challenges to deal with on today?s complex websites ? traffic spikes, third-party script failure, heavy front-end content ? without worrying about whether the relatively simple DNS step is up and running.
Why do so many DNS providers stink?
The short answer to why these issues happen: many DNS providers are not DNS providers per se.
A majority of sites still use the DNS service that?s packaged with their domain registry or hosting. Herein lies the problem ? for a domain registry, whose income is derived primarily from registering domains and hosting them, DNS is a cost center. A company like that has little incentive to stay up to date with current technology of a service none of their customers pay for.
The hard evidence of this phenomenon is that none of the major domain registrars employ IP Anycast DNS technology, which has been the premier DNS technology for several years now. Outdated DNS technology cannot guarantee 100% uptime, and results in outages like the one described above (or like last year?s GoDaddy outage that took down 40 million sites).
How To Eliminate DNS Risk
IP Anycast really works. An Anycast system involves a network of DNS servers spread around the world, and each request is directed to the name server closest to the client. This reduces resolution time (good for performance!), but also introduces automatic failover.
Heartbeat checks are constantly performed on all the name servers, so that the moment one goes down, requests will cease to be sent to it. The most that can happen when one server fails is that visitors from that region will experience slightly longer DNS resolution time than normal ? a far cry from site downtime.
There are a number of providers that offer IP Anycast-based DNS service for less than $50 a month. That?s obviously more than free, but when facing the prospect of hours or days of complete downtime, most businesses, even small ones, will find that figure to be negligible.
Enlisting a better DNS service is an easy and relatively cheap solution to a serious problem. We encourage everyone to do it!