1. 1 Distributed DNS best practices to build redundant, reliable architecture By Ladislav Vobr SE/SOP/I&eS, Etisalat

2. 2 Outline Introduction Different DNS roles Authoritative Caching ccTLD Internal Best Practices / Recommendations Increasing the availability L4-7 switching / Anycast Service Monitoring Latest DNS Features Trends Conclusion

3. 3 Introduction What is DNS? DNS & Internet The Importance of DNS Service

4. 4 Different DNS roles Authoritative/non-recursive Caching/Recursive ccTLD The Root Servers Recursive

5. 5 Best Practices Separate geographically Separate the functionality Separate Access Use well defined SOA, TTL Use consistent NS records

6. 6 Scaling performance / Availability Authoritative only servers -Build it mechanism using RTT Caching Services -Scaling vertically - brings huge cost & doesn’t improve availability -Scaling horizontally – reduce the cost, but needs some configuration a)Cluster (one active / one standby ) b)L4-7 switches (complicated, more features) c)ANYCAST (simple / simple balancing)

7. 7 L4-7 switching Better l4-7 filtering Better load distribution Geographical failover not standarized Complicated management Another point of failure (two switches required)

8. 8 Anycast Routing Simple idea Using standard protocols Supports broad range of routing protocols Simple load balancing only Not able to filter traffic based on l4-7 Acts as a router, easy troubleshooting No additional hardware required Free tools available / zebra / ospfd ….

9. 9 Important features in Bind TSIG/DNSSEC NOTIFY NSUPDATE IDN IPV6 RNDC FLUSH RNDC RECURSING

10. 10 Service Monitoring Monitor CPU Monitor Number of REQUESTS Monitor Recursive QUEUE Monitor Traffic Rates Monitor BOGUS servers

11. 11 Popular links http://www.isc.org http://www.bind9.org http://www.bind.org http://zebra.org http://rrdtool.de Mailing list: bind-users@isc.orgbind-users@isc.org

12. 12 Thank You