Cloud-based DNS outperforms in-house systems, study shows

A new vendor-sponsored study of the 1,000 biggest websites quantifies how much better third-party managed service providers are doing at operating DNS services across the Internet cloud than enterprises that run this critical network service themselves.

U.S. websites that operate their own DNS services experience availability that is significantly lower -- averaging minutes of costly downtime per day -- when compared to sites that outsource their DNS. 

The study was conducted by ThousandEyes, which calculated the minimum, maximum and average DNS availability of the Alexa 1,000 websites during the second quarter of 2011. The study shows that U.S. managed service providers offer higher availability in all three categories when compared to U.S. companies with internally managed DNS.

The study was commissioned by Verisign, which sells managed DNS services.

RELATED: Will security worries propel DNS into the cloud?

Websites that used third-party managed DNS providers did not experience any total outages during the course of the study, while self-managed sites were shown to have a higher propensity to experience near to total outages.

Managed service providers offer better availability because they have more data center locations scattered across the Internet to answer DNS queries closer to users. Additionally, these providers use what's called an anycast DNS resolution service, which means there is always a server available somewhere to respond to DNS queries. The study identified one DNS provider that uses both anycast and unicast DNS resolution, which provides the optimal combination of performance and reliability for DNS queries and responses.

"Few enterprises have the resources and expertise to set up such extensive systems for their internally managed DNS," the study said. "This may explain the discrepancy and is an indication that most businesses with internally managed DNS would benefit from a secondary managed DNS service that can act as a backup to serve traffic to their websites in the event that the primary DNS management tool becomes unavailable."

Another reason third parties offer higher availability with their cloud-based DNS services is that they can afford dedicated network engineers who specialize in DNS.

"Misconfigurations are common," said Ben Petro, senior vice president of Verisign's Network Intelligence and Availability Group. "When companies use open source DNS software like BIND, it's very easy to have a misconfiguration. Another problem is on the exploit side. A good portion of the globe -- like 90% -- uses BIND, so you have to patch it three or four times a month at a minimum. ... A lot of times, companies end up with an unpatched version of BIND that is vulnerable to known exploits."

MORE: New open source DNS server released

The study demonstrated how even a tiny reduction in website availability can result in lost customers and revenue for e-commerce companies. For example, the average availability of internally managed DNS among U.S. websites was 99.84%, compared to 100% availability claimed by Verisign's managed DNS service. The 0.16% difference in average availability results in around two minutes of downtime per day on average.

A fashion e-retailer quoted in the study said his business could lose $1,000 or more per minute of downtime; this figure would be greater for a major e-commerce site. E-retailers lose business because most online consumers abandon websites when a page takes longer than three seconds to load, and they usually won't return to a website with disappointing performance.

"The study shows that those who outsource DNS have a much more robust experience. The top three DNS providers offer 99% availability or better," Petro said. "We are heading into the holidays, and this is the most important time of the year for e-tailors. Most e-tailors do 40% to 50% of their business now. ... We're trying to drive awareness of this issue."

Read more about lan and wan in Network World's LAN & WAN section.

This story, "Cloud-based DNS outperforms in-house systems, study shows" was originally published by Network World.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies