Prevent DNS Downtime

The Domain Name System (DNS) maps domain names to IP addresses and is an essential part of the Internet. It is also one of the most vulnerable parts: DDoS and other attacks on DNS servers can bring down huge parts of the Internet. It's not just attackers that cause DNS problems, either. DNS can go down due to hardware failures, database corruption and networking issues.

When DNS goes down, visitors are no longer able to reach your website. When your DNS provider has problems, your website stops functioning.

There are two simple ways to improve the robustness of your website. The first is to increase the Time To Live (TTL) of your DNS records.

The way DNS works is that there is an authoritative server or group of servers which host your DNS file. This DNS file is also known as a 'zone file'. This zone file has all your DNS records in it. It tells the Internet how to find your website, how to send you email, etc.

So this small group of authoritative DNS servers hosts your zone file. Your domain name registrar tells the Internet where these authoritative name-servers are found. The records from these authoritative name-servers are then cached by other 'recursive' name-servers. The recursive name-servers refresh this information every so often by checking the authoritative name-servers for updates. The TTL sets how long a recursive name-server may keep a record before it checks again. A low TTL means that the recursive name-servers check for updates often; a high TTL means they check less often.

When the TTL is set low, DNS updates propagate through the Internet quickly. This is great when you are making changes to the DNS records. But when you do not need to update the DNS, there is no reason to keep the TTL low. In fact a low TTL can lead to downtime.

A low TTL is bad when the authoritative name-servers have problems. The lower the TTL the faster these problems spread through the Internet.

Let's say that there is a problem with your authoritative name-servers: the servers go down and no one can reach your DNS records. If the TTL is set to 5 minutes, then your website becomes unreachable to the whole Internet within 5 minutes. This is because every recursive name-server on the Internet checked for an update of your DNS records during those five minutes. When they were unable to get an answer, they simply dropped their cached records.

Now if the TTL was set to 24 hours, each recursive name-server would wait 24 hours after its last check before looking for a new DNS update. This means that some recursive name-servers might see the problem, but others won't see it for hours. If your authoritative name-servers are only down for one hour, but your TTL is set to 24 hours, there is a good chance that most people will not even realize there was a problem.

There is no reason to keep your DNS TTL set to anything less than 24 hours if you are not making DNS changes in the immediate future.
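To put numbers on the argument above, here is an added simulation that is not part of the original article. It models a population of recursive name-servers whose cache-expiry times are spread evenly over one TTL window and counts how many of them re-query during an authoritative outage (all resolver counts and outage times are constructed values).

```python
"""Simulate how the DNS TTL bounds the share of recursive name-servers
that notice an authoritative outage. Constructed example, not from the article."""

MINUTE = 60
HOUR = 3600


def expiry_times(ttl: int, count: int) -> list[int]:
    """Spread the resolvers' first cache-expiry times evenly across one TTL.

    Resolver i first re-queries at second i*ttl/count and then every ttl seconds.
    """
    return [(i * ttl) // count for i in range(count)]


def affected_fraction(ttl: int, outage_start: int, outage_len: int,
                      count: int = 1000) -> float:
    """Fraction of resolvers whose cached record expires during the outage.

    Those resolvers re-query the authoritative servers, get no answer, and
    stop serving the record; everyone else keeps answering from cache.
    """
    outage_end = outage_start + outage_len
    affected = 0
    for first_expiry in expiry_times(ttl, count):
        # Advance to the first refresh at or after the outage begins.
        if first_expiry < outage_start:
            periods = (outage_start - first_expiry + ttl - 1) // ttl
            first_expiry += periods * ttl
        if first_expiry < outage_end:
            affected += 1
    return affected / count


def analytic_bound(ttl: int, outage_len: int) -> float:
    """Closed-form expectation: at most outage_len/ttl of the resolvers expire."""
    return min(1.0, outage_len / ttl)


if __name__ == "__main__":
    outage = 1 * HOUR  # constructed: authoritative servers down for one hour
    for ttl in (5 * MINUTE, 1 * HOUR, 24 * HOUR):
        seen = affected_fraction(ttl, outage_start=50_000, outage_len=outage)
        print(f"TTL {ttl:>6}s: {seen:5.1%} of resolvers notice a 1h outage "
              f"(bound {analytic_bound(ttl, outage):5.1%})")
```

With a 5-minute TTL every resolver expires during a one-hour outage, while with a 24-hour TTL only about one in twenty-four does.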

The second way to make your DNS records more robust is to use multiple DNS providers. There are many services which offer free DNS hosting. Using a few of these together may be a good idea.

The trick here is to make sure all your DNS providers allow you to edit the NS records, since some providers do not.

The other thing to remember is that with multiple DNS providers you will have to update every provider's records whenever you make a change.

Using multiple DNS providers is not for every website.