The reason why Premium DNS isn't Any More

Oct 3, 2022

There's a good chance you've heard the phrase "premium DNS" thrown around before and maybe didn't give it any thought. Most people realize that a premium DNS provider could benefit their business, but they don't take the initiative to implement it or maybe don't know how.

What is DNS?

How DNS functions

But if you're dedicated to your company or website, we strongly recommend going with a premium DNS provider, for reasons we explain in greater detail below.

This was the DNS Attack that Affected the Entire Internet

Basically, what happened is that they managed to take Dyn's DNS servers down and, as we've already explained, without them DNS lookups start to fail. Dyn reported on the issue via its official status page and offered consistent updates throughout the entire assault, which lasted about 11 hours.

Dyn DNS DDoS attack status
We continue to reduce the impact of a DDoS against our managed DNS network. For more information visit our status page.
-- Dyn (@Dyn) October 21, 2016

Here is an example of what one of Dynatrace's SaaS clients was seeing on Friday the 21st from their DNS monitoring app. The attack focused specifically on the East Coast, but it rippled across the United States and Europe.

DDoS attack map

Because of what happened, businesses must reevaluate the way they manage DNS. Setting up a secondary DNS provider as a backup gives you redundancy when problems like the ones mentioned earlier occur. At the very least, we recommend choosing a premium DNS service over a free one, as premium services are better able to handle these challenges. Although attacks of this size aren't commonplace, the same can't be said of DDoS attacks in general. In fact, according to data provided by easyDNS, DDoS attacks have been growing more serious over the last few years.

DDoS attacks over time

At the time I wrote this article on October 31st, 123 Reg, an important domain registrar, was fighting a DDoS attack against their DNS. In the years to come, expect the number of DDoS attacks to grow.

Premium DNS Provider Benefits

There are many good free DNS providers out there; however, premium DNS providers offer a variety of benefits that will ensure that your site is always online, for example security, DNS failover, and higher speed.

1. Security: Better Equipped for Massive-Scale Attacks

Premium DNS providers with a high-end service are generally better equipped to protect you from large-scale DDoS attacks, such as the one on Friday the 21st. Dyn is a very well-known company and, even when there was an interruption in service, they did the best they could to keep their customers informed and worked around the clock to bring everything back up. It's important to keep in mind that the attack was the biggest ever recorded, at 600 Gb/sec. If the same incident had hit a free or smaller DNS provider, it's safe to assume that the result would have been even more catastrophic for its customers.

Scott, EVP at Dyn, released an official statement on the 26th of October:

The incident has led to an important debate about internet security and the risk of volatility. It has not only revealed security weaknesses and security of "Internet of things" (IoT) devices that require attention; however, it also sparked further dialogue in the community of internet infrastructure about how the Internet will evolve in the coming years. Similar to what we've done previously, we look forward to contributing to that dialogue.

2. Failover DNS Strategy

Companies today must reconsider their DNS strategies and put a failover in place. Brian Armstrong, co-founder at Canopy, wrote a great essay in 2014 entitled "You're probably doing DNS wrong, as we did." The article came out after a DDoS attack had taken down their DNS provider, DNSimple. Armstrong discusses TTLs and suggests that businesses ought to make them longer. TTL stands for time to live, which is the length of time a record can remain in cache before it is cleared. For example, if you had a TTL of a week and your DNS provider went down for a day, the odds are that your users wouldn't suffer, since your ISP's DNS cache keeps the record cached.

There is, however, another side to using large TTLs. On the 21st of May, if you had set up a second DNS provider, it wouldn't really have mattered, since the TTL was scheduled to expire over days or weeks, not minutes. You can fix this by simply setting up multiple DNS providers in advance. So yes, high TTLs may be beneficial, but they should be used as part of a multi-provider DNS failover strategy. Check out this more in-depth review of DNS TTL settings.

The entire community needs to work together in order to create open source or commercial solutions to ensure DNS configurations are compatible with different providers (this is for difficult DNS setups, such as failover, geo load balancing or geo load balancers). It's now not just a nice thing to have, but a must-have. -- Catchpoint

Many top DNS providers have tutorials on how to set up secondary DNS as a failover. The recommended configuration is to establish redundant nameservers with multiple DNS service providers.

It is also important to remember that, depending on how you set up the secondary DNS, it may harm or improve the performance of your DNS. DNS Made Easy has an excellent webinar explaining this in a little more depth.
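The TTL trade-off and the multi-provider recommendation above can be checked together. The following is an added example, not part of the original article: `provider_of` and `audit` are hypothetical names, the hostnames are constructed, and the model assumes resolver cache ages are spread uniformly over the TTL and that Route 53 nameservers follow the `ns-N.awsdns-N.<tld>` naming.

```python
import re

# Route 53 hands out nameservers under four different TLDs, so grouping by
# the last two labels alone would miscount one provider as four.
ROUTE53 = re.compile(r"^ns-\d+\.awsdns-\d+\.(com|net|org|co\.uk)$")

def provider_of(ns_host):
    """Map a nameserver hostname to a provider label (heuristic)."""
    host = ns_host.rstrip(".").lower()
    if ROUTE53.match(host):
        return "Amazon Route 53"
    # Fallback assumption: the last two labels identify the operator.
    return ".".join(host.split(".")[-2:])

def audit(ns_hosts, ttl, outage):
    """Estimate exposure if ONE provider is unreachable for `outage` seconds.

    ttl    -- TTL in seconds of the cached records
    outage -- length of the provider outage in seconds
    """
    providers = sorted({provider_of(h) for h in ns_hosts})
    redundant = len(providers) > 1
    # Share of resolver caches whose remaining TTL outlasts the whole outage,
    # assuming cache ages are uniform between 0 and ttl.
    riding_out = max(0.0, (ttl - outage) / ttl)
    return {
        "providers": providers,
        "redundant": redundant,
        # With a second provider, resolvers retry its nameservers instead.
        "exposed_fraction": 0.0 if redundant else round(1.0 - riding_out, 3),
        # Adding a provider mid-outage only helps once cached NS sets expire.
        "max_failover_delay": 0 if redundant else ttl,
    }

# Constructed sample delegations (not real zones).
ROUTE53_ONLY = ["ns-2048.awsdns-64.com", "ns-2049.awsdns-65.net",
                "ns-2050.awsdns-66.org", "ns-2051.awsdns-67.co.uk"]
DUAL = ROUTE53_ONLY[:2] + ["ns1.secondary-dns.example",
                           "ns2.secondary-dns.example"]

if __name__ == "__main__":
    WEEK, DAY, HOUR = 7 * 86400, 86400, 3600
    print(audit(ROUTE53_ONLY, 300, 11 * HOUR))  # short TTL, 11-hour outage
    print(audit(ROUTE53_ONLY, WEEK, DAY))       # the week-long TTL case above
    print(audit(DUAL, WEEK, DAY))               # two providers set up in advance
```

With a single provider, the week-long TTL shrinks the exposed share of resolvers during a one-day outage but also means an emergency nameserver change can take up to a week to be seen everywhere.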

3. Performance

We conducted some tests with the SolveDNS speed testing tool. Here's an example of a domain using NameCheap's free DNS and its response times.

Free NameCheap DNS

Free DNS speed test

And below is an example using Amazon Route 53's premium DNS. It is evident that, generally, DNS lookup times are much faster with Amazon. You can run tests yourself with different DNS providers, but it is important to be aware that, just as with web hosts, there are faster ones and slower ones. The majority of the most expensive DNS providers have faster speeds. Cloudflare is a no-cost one that also has great performance; however, it gets tricky when you start running more than one DNS provider.

Amazon Route 53 DNS

Amazon premium DNS speed test

How do you set up Premium DNS With

We think that premium DNS is crucial, and that is why we partnered with Amazon Route 53, a worldwide Anycast network. They provide DNS failover as well as latency and geolocation routing to help ensure your website remains online and reliable. The routing is especially important because it ensures that your DNS is served from the location with the lowest latency. Amazon Route 53 premium DNS is absolutely free to everyone. To set it up on your WordPress website, simply follow the steps below.

Step 1

In your My dashboard click into " DNS."

Amazon Route 53 DNS

Step 2

Click "Add Domain" at the top right.

Include domains in DNS

Step 3

  • A
  • CNAME
  • MX
  • SPF
  • TXT
  • SRV
  • AAAA
  • DKIM
Premium DNS records

Step 4

It is then necessary to set Amazon's nameservers at the domain's registrar or third-party DNS provider. You can find these by clicking into Nameservers from the DNS records page.

Premium DNS nameservers

That's all there is to it! Your DNS is now being served by Amazon Route 53.

Summary

As Catchpoint and the EVP at Dyn mentioned earlier, this latest incident has companies rethinking their DNS strategies and web security generally. Some companies lost millions of dollars from the downtime that happened on Friday the 21st. Using a top DNS provider and having a DNS failover method with an additional provider is now more essential than ever. It's only a matter of time before the next DDoS attack occurs, and you should be prepared.

Do you have any thoughts on using premium DNS providers? If yes, please share them in the comments.
