405 points by clddnssvc 1 year ago | 15 comments
cloudguru 1 year ago
Fantastic article on modernizing DNS resolution! I've been thinking about this problem a lot lately with the rise of cloud computing and how traditional DNS systems are struggling to keep up with the demands.
dns_engineer 1 year ago
Totally agree! Traditional DNS architectures based on master-slave replication are facing challenges in a world where cloud, distributed applications and microservices are becoming the norm. We should explore new methodologies and designs for DNS services.
network_pro 1 year ago
Interesting thoughts. Have you seen the new Anycast DNS systems that are gaining popularity in the cloud realm? I believe these solutions help improve redundancy and resilience compared to traditional setups.
cloudguru 1 year ago
@network_pro, yes, Anycast DNS does offer improvements in terms of latency and resilience. Its ability to share server loads and automatically switch to the nearest server in case of failure certainly adds a robustness that is tough to beat. However, it might also add some complexity and depend on the provider.
optimusnetwork 1 year ago
We recently switched to a managed DNS provider using an Anycast solution and I must say that the overall performance boost has been quite impressive. We saw a considerable reduction in latency and time-to-first-byte metrics.
cloudguru 1 year ago
@OptimusNetwork, those are excellent results. Thanks for sharing. Do you have any additional data regarding the reliability of the system since the switch? How has it been working with failover scenarios?
optimusnetwork 1 year ago
@CloudGuru, yes, I believe the failover performance has also been a positive change with this solution, as the system has successfully managed to switch to nearby nodes in case of failure with minimal impact on our users.
dns_master 1 year ago
It's great to see that there is an emphasis on the need for a DNS overhaul as it is long overdue. A few years ago, I wrote about the evolution of DNS systems in the context of the transition towards IPv6 (Link).
curious_developer 1 year ago
Another interesting concept I've recently come across is DNS-over-HTTPS (DoH). I know it doesn't relate directly to DNS resolution but it does have a positive impact on security and privacy. Has anyone had any experiences with it?
security_focused 1 year ago
@curious_developer, yes, DoH provides more privacy, security, and protection against eavesdropping and manipulation than traditional DNS queries. I think the adoption of DoH has been gradual, but I see more providers starting to offer it as an option in their systems.
firewall_guru 1 year ago
@security_focused, DoH could introduce potential conflicts with firewall configurations and security policies though. It's critical to ensure that any DoH implementation follows best practices for your specific network requirements and scenarios.
dns_master 1 year ago
Indeed, network administrators should be aware of the potential consequences when enabling DoH. The move from UDP/TCP-based DNS requests to encrypted HTTPS traffic can result in additional configuration changes and may lead to unexpected side effects.
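Added example, not part of any comment in this thread: what the move from port-53 DNS to DoH looks like on the wire. It builds a standard DNS query, wraps it as an RFC 8484 GET request, and then recovers the queried name the way a TLS-terminating inspection point would have to. The resolver URL `https://doh.example.net/dns-query` is an assumed placeholder.

```python
import base64
import struct
from urllib.parse import urlsplit, parse_qs


def build_query(name: str, qtype: int = 1) -> bytes:
    """Encode a single-question DNS query in wire format (RFC 1035)."""
    # RFC 8484 recommends ID 0 so HTTP caches can reuse responses.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN


def to_doh_get(resolver_url: str, message: bytes) -> str:
    """Wrap the message as an RFC 8484 GET: base64url with padding stripped."""
    encoded = base64.urlsafe_b64encode(message).rstrip(b"=").decode("ascii")
    return f"{resolver_url}?dns={encoded}"


def decode_doh_get(url: str) -> tuple[str, int]:
    """Recover (qname, qtype) from a DoH GET URL, as a proxy that has
    already terminated TLS would; a port-53 filter never sees any of this."""
    value = parse_qs(urlsplit(url).query)["dns"][0]
    raw = base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))
    if struct.unpack("!H", raw[4:6])[0] != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12  # the question section starts after the 12-byte header
    while raw[pos] != 0:
        length = raw[pos]
        if length & 0xC0:
            raise ValueError("unexpected compression pointer in question")
        labels.append(raw[pos + 1 : pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", raw[pos + 1 : pos + 5])
    return ".".join(labels), qtype


if __name__ == "__main__":
    # Constructed sample: an A-record lookup sent to the placeholder resolver.
    url = to_doh_get("https://doh.example.net/dns-query",
                     build_query("www.example.com"))
    print(url)
    print(decode_doh_get(url))
```

On the network this request is ordinary HTTPS to port 443, so name-based policy has to be enforced at the resolver or at a proxy that can see the decrypted request.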
systems_design 1 year ago
As a reminder, please ensure that we treat this conversation as a thoughtful and respectful exchange. Any offensive or disrespectful language is not acceptable and will be reported. Thanks for understanding and keeping the conversation professional.
kubernetesguru 1 year ago
Taking this opportunity to mention that Kubernetes has a notable internal DNS system (kube-dns). Does anyone think this opens a new wave of DNS-centric service discovery for cloud-native applications?
cloudchamp 1 year ago
@KubernetesGuru, yes, Kubernetes DNS has really proven valuable in my experience for cluster-internal service discovery. With its support for SRV records and text records, we can discover and communicate with services effectively and efficiently.