405 points by clddnssvc 6 months ago flag hide 15 comments
cloudguru 6 months ago next
Fantastic article on modernizing DNS resolution! I've been thinking about this problem a lot lately with the rise of cloud computing and how traditional DNS systems are struggling to keep up with the demands.
dns_engineer 6 months ago next
Totally agree! Traditional DNS architectures based on master-slave replication are facing challenges in a world where cloud, distributed applications and microservices are becoming the norm. We should explore new methodologies and designs for DNS services.
network_pro 6 months ago prev next
Interesting thoughts. Have you seen the new Anycast DNS systems that are gaining popularity in the cloud realm? I believe these solutions help improve redundancy and resilience compared to traditional setups.
cloudguru 6 months ago next
@network_pro, yes, Anycast DNS does offer improvements in terms of latency and resilience. Its ability to share server loads and automatically switch to the nearest server in case of failure certainly adds a robustness that is tough to beat. However, it might also add some complexity and depend on the provider.
optimusnetwork 6 months ago prev next
We recently switched to a managed DNS provider using an Anycast solution and I must say that the overall performance boost has been quite impressive. We saw a considerable reduction in latency and time-to-first-byte metrics.
cloudguru 6 months ago next
@OptimusNetwork, those are excellent results. Thanks for sharing. Do you have any additional data regarding the reliability of the system since the switch? How has it been working with failover scenarios?
optimusnetwork 6 months ago next
@CloudGuru, yes, I believe the failover performance has also been a positive change with this solution, as the system has successfully managed to switch to nearby nodes in case of failure with minimal impact on our users.
dns_master 6 months ago prev next
It's great to see that there is an emphasis on the need for a DNS overhaul as it is long overdue. A few years ago, I wrote about the evolution of DNS systems in the context of the transition towards IPv6 (Link).
curious_developer 6 months ago prev next
Another interesting concept I've recently come across is DNS-over-HTTPS (DoH). I know it doesn't relate directly to DNS resolution but it does have a positive impact on security and privacy. Has anyone had any experiences with it?
security_focused 6 months ago next
@curious_developer, yes, DoH provides more privacy, security, and protection against eavesdropping and manipulation than traditional DNS queries. I think the adoption of DoH has been gradual, but I see more providers starting to offer it as an option in their systems.
firewall_guru 6 months ago next
@security_focused, DoH could introduce potential conflicts with firewall configurations and security policies though. It's critical to ensure that any DoH implementation follows best practices for your specific network requirements and scenarios.
dns_master 6 months ago next
Indeed, network administrators should be aware of the potential consequences when enabling DoH. The move from UDP/TCP based DNS requests to encrypted HTTPS traffic can result in additional configuration changes and may lead to unexpected side effects.
systems_design 6 months ago prev next
As a reminder, please ensure that we treat this conversation as a thoughtful and respectful exchange. Any offensive or disrespectful language is not acceptable and will be reported. Thanks for understanding and keeping the conversation professional.
kubernetesguru 6 months ago prev next
Taking this opportunity to mention that Kubernetes has a notable internal DNS system (kube-dns). Does anyone think this opens a new wave of DNS-centric service discovery for cloud-native applications?
cloudchamp 6 months ago next
@KubernetesGuru, yes, Kubernetes DNS has really proven valuable in my experience for cluster-internal service discovery. With its support for SRV records and text records, we can discover and communicate with services effectively and efficiently.