Published on Thu, Apr 2, 2015 by Aaron
Most domains have one DNS provider configured as authoritative. A handful of the big players use two. For example Amazon, TripAdvisor and IMDB use Dyn and UltraDNS. LinkedIn, AOL and eBay use their own nameservers in combination with those of a third party DNS provider.
Here at TurboBytes we use NSONE and AWS Route53 in our Multi-CDN platform, and our friends at MaxCDN recently started using these providers as well. We had two reasons for using two DNS providers:
In this article we'll show you - using our RUM for DNS performance data - that using two DNS providers indeed results in lower response times and higher reliability, for example in Brazil, as you can see in our Authoritative DNS Performance Reports.
We'll take a look at two possible situations:
Both providers have a POP in Sao Paulo and AWS Route53 also has a POP in Rio de Janeiro. From that alone you’d expect Route53 to outperform NSONE in terms of response time. And that is indeed the case:
The days where both Route53 and NSONE have 'a normal day' (not: March 25 and 26), you can see in the chart that
One may expect that the SRTT mechanism also results in a low Fail Ratio. And it does: in this 14 day time frame, the Fail Ratio of the combo was clearly better than that of a single provider.
Our RUM beacons a Fail when the authoritative was too slow, down or sent a bad response. More info.
In the first chart you saw that on March 25 and March 26, Route53 response time increased by ~ 30% and became worse than NSONE's response time. Let's look a bit more closely at dual provider DNS performance in case the performance of one of the providers goes bad.
So far we’ve been taking a country level view. Let’s zoom in on a few networks to have better insight in what happened in Brazil in the past 14 days and especially on March 25 and 26.
About 31% of our performance tests in BR were initiated by end users connected to AS28573 and most of them used resolvers on the same network. Route53 response time was not very consistent and most days better than NSONE. On March 25 and 26, Route53’s response time jumped and so did the response time of the combo, but not so much. Do the resolvers here do SRTT? One can argue it’s not crystal clear. Let’s zoom in on those two days in March:
And now we know: resolvers on AS28573 do SRTT.
AS18881 was the #2 network in Brazil, with 17% of our performance tests initiated by end users connected to that network. Again, most of them used resolvers on the same network. Normally, Route53 and NSONE median response times are not too far apart (5 - 15 ms difference), and it’s clear the resolvers here do SRTT and favored Route53. If the resolvers did not do SRTT, on March 21 the blue line would have peaked too just like NSONE did. Thank you SRTT!
The #3 network in Brazil for us at that time and - together with AS28573 - the network that made a difference on March 25 and 26: Route53 response times jumped from ~ 130 ms to ~ 215 ms daily median, SRTT kicked in and most queries flowed to NSONE.
So far we’ve made statements about resolvers doing SRTT based on performance data only, but we can do better.
In our RUM for DNS, we have a way to track the ‘Query Share’ of each provider in the combo: we know what % of responses were served by NSONE and what % by Route53. See the table below for the Query Share per provider for the 3 aforementioned ASNs for March 31.
|ASN||NSONE query share||Route53 query share||Fail %|
We’ve shown data here for just two providers, NSONE and AWS Route53, but you can be assured the other providers have performance hiccups too (hint: more blog posts coming soon).
Queries from your end users to your authoritative nameservers go through resolvers, and many resolvers have a built-in mechanism for failover and RTT/latency optimization. Isn’t that just great? We think it is.
FYI, not all resolvers do SRTT (hint: more blog posts coming soon).
We acknowledge there are several valid reasons not to use more than one DNS provider, but if you care a lot about DNS performance and the reliability of your sites and apps, you should consider using two DNS providers.
We always welcome your thoughts, ideas and feedback. Please share below in the comments section and don't forget to check out our Authoritative DNS Performance Reports.