Topics Discussed: The Basics of Secondary DNS What you Probably Didn’t Know Performance Benefits Misconceptions Variations of Secondary DNS Primary / Secondary Hidden Primary Primary / Primary Choosing a Secondary DNS Provider Full recording: https://www.youtube.com/watch?v=cVzge-a-nnc

1. Secondary DNS
Backup, Performance, & Peace of Mind

2. Secondary DNS Basics
Performance Benefits of
Secondary DNS
Misconceptions
Variations
Choosing a Provider

3.  There will be a 15 minute Q&A session at the end
of this webinar
 Please TWEET your questions @DNSMadeEasy
and use the #DNSWebinar hashtag
Questions?

4.  Secondary DNS provides extra DNS redundancy for your domains.
 If your primary provider becomes unavailable, your query traffic will
automatically be served by your secondary provider.
 Ensures 100% DNS uptime if your primary provider is downed.
Secondary DNS Basics
Secondary DNS could have saved hundreds of millions of
dollars in revenue during the October 21st 2016 DDoS attack
that took down Twitter, Reddit, and other top domains

5.  Businesses that rely on single-homed DNS could
lose hundreds of millions of dollars in revenue… in
just a few hours.
 Poor network and infrastructure planning
 Interdependencies: Financial services and 3rd party
resources on your site could also be at risk.
 Check your upstream providers and recommend that
they look into adding an additional DNS provider.
Impact on Business

6.  Secondary DNS actually
improves the performance of
your domains!
 By distributing your traffic
across 2 or more providers
 Resolving name servers use
RTT (Round Trip Time),
which favors the better
performing authoritative
name servers.
 This improves resolution and
load times of your domain.
Did You Know?
$ dig ns example.com +short
ns1.dnsmadeeasy.com 3 ms
ns2.dnsmadeeasy.com 6 ms
ns3.dnsmadeeasy.com 2 ms
ns4.dnsmadeeasy.com 9 ms
ns1.example.com 5 ms
ns2.example.com 15 ms
ns3.example.com 30 ms
ns4.example.com 16 ms

7. Misconceptions
 Secondary DNS is sometimes described as a BACKUP PLAN,
comparable to Failover.
 Instead of moving your query traffic from one provider to
another, both providers are always authoritative for your
domain’s traffic.
 Secondary DNS can be expensive and difficult to set up.

8. Variations
Secondary DNS

9. Primary / Secondary
$ dig ns example.com +short
ns5.dnsmadeeasy.com
ns6.dnsmadeeasy.com
ns7.dnsmadeeasy.com
ns1.example.com
ns2.example.com
ns3.example.com
ns4.example.com

10. Primary / Secondary
Benefits
 Easy to setup and maintain
 The number of name servers
authoritative for your domain
are increased
 Immediate transfer of zone
information
Disadvantages
 Does not support advanced
location-based configurations
 Does not work with CDN’s
 Only works with RFC
compliant configurations

11. AXFR / IXFR
 This method usually updates using a NOTIFY from the primary provider.
Otherwise, updates are detected by a scheduled serial number check
configured in your SOA record.
 Zone information is shared or updated from the Primary DNS Provider
to the Secondary using an AXFR or IXFR transfer.

12. Hidden Primary
$ dig ns example.com +short
ns5.dnsmadeeasy.com
ns6.dnsmadeeasy.com
ns7.dnsmadeeasy.com

13. Hidden Primary
Benefits
 Complements in-house
infrastructure for global resiliency
and scalability
 Updates quickly
 No need to redevelop existing
DevOps tools
 Extra layer of security
 Hybrid Infrastructure
Disadvantages
 Must be RFC compliant

14. Primary / Primary
$ dig ns example.com +short
ns1.dnsmadeeasy.com
ns2.dnsmadeeasy.com
ns3.dnsmadeeasy.com
ns4.dnsmadeeasy.com
ns1.example.com
ns2.example.com
ns3.example.com
ns4.example.com

15. Primary / Primary
Benefits
 Can use advanced features
like:
 Traffic direction, GeoIP
services, non-RFC compliant
configurations, weighted
round robin, and ANAME
records
 Works great with CDN’s!
Disadvantages
 Can be more costly
 Updates requires more labor
 Both networks need to be
updated to stay in sync
 Need to use providers with
similar features

16.  Constellix DNS offers a Primary / Primary automated solution:
 Automatically makes API calls to update Primary DNS service
when records are changed
 More flexibility because Constellix is not RFC-compliant
 Providers Constellix supports:
 DNS Made Easy
 AWS Route 53
 Google Cloud
 Microsoft Azure
The Constellix Advantage

17. 1. The Secondary DNS provider needs your Primary
provider’s DNS configuration:
 Primary / Secondary and Hidden Primary: RFC-
compliant zone updates using NOTIFY and
AXFR/IXFR
 Primary / Primary: Updates occur at each provider
using an API or Control Panel
Basic Setup

18. 2. Add the appropriate NS records to your domains
 Hidden Primary: Only show the NS records of the
public/secondary DNS provider.
 Primary / Primary and Primary / Secondary: Need to add
both NS records listed.
3. Notify your registrar that you added an additional provider
 Hidden Primary: Only show the name servers of the public /
secondary DNS provider.
 Primary / Primary and Primary / Secondary: Need to list
both name server lists.
Basic Setup Cont’d

19. Choosing a Provider
 Uptime history
 High availability
 Performance
 SEO
 Support
 Pricing
When choosing a Secondary DNS provider, you should use
the same principals when evaluating a primary service provider
to ensure your domain’s health.

20. Third Party Approved

21. Q & A
Tweet your questions @DNSMadeEasy using the
#DNSWebinar hashtag

22.  This webinar will be made available on the DNS
Made Easy blog: http://social.dnsmadeeasy.com/
 If you have any suggestions for future topics,
please Tweet us @DNSMadeEasy and use the
#DNSWebinar hashtag
That’s All Folks