DNS— [Notes]
· Types of DNS servers
· DNS Resolution process
· DNS Load Balancing
∘ Limitations Of DNS Load Balancing #
· AWS Route 53 [ Global Load Balancing ]
∘ Benefits of Global Load Balancing
· Global Server Load Balancing (GSLB) — Advance
· GeoDNS
· [Important] How is internet traffic routed to the nearest server?
· Same IP for two hostnames?
· TODO
Types of DNS servers
DNS Resolution process
📌amazon.com is the domain name we are trying to resolve.
📌Step #1 — When the user/client hits enter after typing the domain name into their browser, the browser sends a request to the DNS Recursive nameserver (also known as the DNS Resolver)
DNS Resolver/DNS Recursive nameserver — managed by ISP internet service provider
The whole DNS system is a distributed system setup in large data centres managed by internet service providers.
These data centres contain clusters of servers that are optimized to process DNS
queries in minimal time that is in milliseconds.
📌Step# 2 — once the DNS Resolver forwards the request to the Root nameserver,
📌Step# 3— the Root nameserver returns the address of the Top-Level domain nameserver in response.
✅ for amazon.com → .com is a top-level domain
📌Step #4 — Once the DNS Resolver receives the address of the top-level domain nameserver, it sends a request to it to fetch the details of the domain name
For instance, .com top-level domain nameserver will contain information on
domains using .com. Similarly, a .edu top-level domain nameserver will hold
information on domains using .edu
📌Step # 5 — Once the top-level domain name server receives the request from the Resolver, it returns the IP address of amazon.com domain name server(Authoritative nameserver)
amazon.com domain name server is the last server in the DNS query lookup
process. It is the nameserver responsible for the amazon.com domain & is also
known as the Authoritative nameserver. This nameserver is owned by the owner of the domain name.
— owned by amazon.com and is responsible to reply the actual IP address using this amazon.com can change IP frequently with no need to publish those to the web.
📌Step # 6 — DNS Resolver then fires a query to the authoritative nameserver
📌Step # 7 — it then returns the IP address of amazon.com website to the DNS Resolver.
📌Step # 7.2— DNS Resolver ✅caches the data and forwards it to the client.
📌Step # 8 — On receiving the response, the browser sends a request to the IP address of the amazon.com website to fetch data from their servers.
✅ Often all this DNS information is cached and the DNS servers don’t have to do so much rerouting every time a client requests an IP of a certain website.
✅ DNS information of websites that we visit also gets cached in our local machines that are our browsing devices with a TTL Time To Live.
✅ All the modern browsers do this automatically to cut down the DNS query lookup time when revisiting a website
💡amazon.com will resolve into → Authoritative Nameserver of .com IPs
amazon.in will resolve into → Authoritative Nameserver of .in IPs
DNS Load Balancing
✅The final end server, in the lookup chain, is the authoritative server that returns the IP address of the domain.
✅ When a large-scale service such as amazon.com runs, it needs way more than a single machine to run its services. A service as big as amazon.com is deployed across multiple data centres in different geographical locations across the globe.
📌 DNS load balancing enables the authoritative server to return different IP addresses of a certain domain to the clients.
📌Every time it receives a query for an IP, it returns a list of IP addresses of a domain to the client.
📌 As the client receives the list, it sends out a request to the first IP address on the list to fetch the data from the website.
✅ The reason for returning a list of IP addresses to the client is to enable it to use other IP addresses in the list in case the first doesn’t return a response within a stipulated time
📌 When another client sends out a request for an IP address to the authoritative server, it re-orders the list and puts another IP address on the top of the list following the round-robin algorithm
[With every request, the authoritative server changes the order of the IP addresses in the list in a round-robin fashion.]
✅when the client hits an IP it may not necessarily hit an application server, it
may hit another load balancer implemented at the data centre level that manages the clusters of application servers.
Limitations Of DNS Load Balancing #
- doesn’t take into account the existing load on the servers, the content they hold, their request processing time, their in-service status and so on.
- since these IP addresses are cached by the client’s machine and the DNS
Resolver, there is always a possibility of a request being routed to a machine that is out of service. - DNS load balancing despite its limitations is preferred by companies because it’s an easy and less expensive way of setting up load balancing on their service.
AWS Route 53 [ Global Load Balancing ]
Amazon Route 53 provides highly available and scalable Domain Name System (DNS), domain name registration, and health-checking web services.
Using AWS Route 53 for global load balancing, you can benefit from improved latency and better availability for your application stack.
Global load balancing involves routing application traffic to geographically diverse servers or data centres. This can be done with both physical and virtual infrastructure.
Benefits of Global Load Balancing
There are a number of use cases where you can benefit from global load balancing.
- Application latency. You might want to reduce application latency by locating your application servers in close geographic proximity to the application clients.
- Geolocation. Your requirements dictate that clients in a specific geographic region are routed to a subset of your application stack. This can come in handy when there are legal requirements dictating whether content is available to clients from that region, or where certain types of information (such as PII), are stored.
- Scalability. You want to spread your server footprint across multiple regions and datacenters as a means to scale your application. A use case for this would be one time events where you spin up datacenters in a region to handle traffic for a special event in that region, then spin them back down once the event is over.
- Application maintenance. You can reduce downtime in your application during maintenance cycles by shuffling traffic away from a regional installation while you perform updates or maintenance to that region’s servers, then moving the traffic back once your updates are complete.
- High availability can be achieved by distributing application load across your datacenters, and using monitoring to determine endpoint availability. Through the use of routing policies, you can have Route 53 automatically failover to a known good region if another region becomes unavailable for some reason.
- Disaster recovery could be achieved by maintaining a primary and a backup location. Data is replicated from the primary to the backup location, and if you are using Route 53 end point monitoring, failover from one region to another can be achieved in this manner.
Global Server Load Balancing (GSLB) — Advance
Comparison between ALB, NLB, and GLB
GeoDNS
TODO: GeoDNS vs Anycast | GeoDNS vs CDN
The key benefit of GeoDNS is that it resolves the same name to different IP addresses based on the requester’s IP address.
You set up an authoritative DNS server. At some point, a URL will have to be resolved by your DNS server. At this point, you can see the client’s local DNS (LDNS) server IP. You return an IP that is close to the LDNS (based on whatever knowledge you have). This is what Akamai or GeoDNS do.
✅IP addresses are distributed geographically depending on the location of the user making the DNS request
✅ GeoDNS is the first step in distributing users to different locations and it is not one hundred per cent accurate typically it makes use of IP address allotment information for guessing the location of the user however, it works well enough for 90% of the users
✅A DNS that responds differently for a different requesters
[The biggest drawback of DNS-based solutions is that some clients will not reliably refresh their DNS caches in the event of a failover. On the site, I work on (which is a big site), we’ll see clients hitting deprecated VIP days to weeks after removing their IP from DNS. Fixes for this get pretty exotic, generally depending on using routing protocols to “move” the VIP from one site to another in addition to the DNS change.]
✅GeoDNS uses a map of resource locations and performs logic to determine which of those resources is closest to a given requesting IP address and then returns that IP address.
[Important] How is internet traffic routed to the nearest server?
You should have a look at the literature on Content Delivery Networks. They know very well how to route to the nearest server. Basically, there are three request routing mechanisms used by CDNs, which can be combined.
1.) Anycast request routing: As you stated correctly, anycast addresses are announced from multiple locations. Each router prefers the shortest path. This approach is used, e.g., by CloudFlare.
2.) DNS request routing: You set up an authoritative DNS server. At some point, a URL will have to be resolved by your DNS server. At this point, you can see the client’s local DNS (LDNS) server IP. You return an IP that is close to the LDNS (based on whatever knowledge you have). This is what Akamai or GeoDNS do.
3.) HTTP request routing (if you deliver HTTP content): You resolve to any HTTP server, the HTTP server maps the IP to a closer HTTP server and creates an HTTP redirect for the client. This option wastes a lot of RTTs and may only be useful if latency is not your foremost optimization goal, e.g., for video. This is what YouTube does (together with DNS request routing).
As stated beforehand, you can combine those three. For instance, 1.) and 3.) allow for geo-location via anycast plus load balancing via an HTTP redirect (if needed).
Same IP for two hostnames?
- Not possible at ICANN level but can be achieved using ALIAS/CNAME
