The Domain Name System is fundamental to the functioning of the internet and works so well that we rarely consider how it works. Most people do not even realize that we have options to choose from that can improve our internet performance and enhance our security.
Before I get to the choices, let’s review DNS.
What is the Domain Name System (DNS)
I’ll start with what you probably already know. The Domain Name System (DNS) is often compared to phone book. If I want to call someone I use their name to lookup their number.
To communicate with another computer on the internet your computer needs a numeric IP address, analogous to the phone number. However, when using email and the web your computer uses a registered domain name and the Domain Name System to lookup an associated IP address. For example, the domain name example.com is associated with the IP address 126.96.36.199.
How Does DNS Work?
DNS consists of a network with different types of servers that are organized in a hierarchy.
Root Server: A single server node that can provide the location of the 13 Domain Servers.
Root Name Servers: 13 server nodes that can provide the location of the Name Servers for specific domains (.com, .edu, .uk, etc). There are actually many more than 13 physical servers per node.
Authoritative Name Servers: These are servers where domain name/IP address association data have been obtained from an original source. The next step after registering a domain name is to provide the name to your web and/or email host to add the name to an Authoritative Name Server.
Other Name Servers: These are name servers that obtain their data by querying other name servers and storing the data in cache.
This is all important to understand because to use domain names your computer or network must be configured to connect to a specific name server to “resolve” a name to an IP address.
Choosing your own DNS Server
When you connect to the internet, most of the time you are setup with a name server provided by your Internet Server Provider. This is almost certainly an “Other Name Server” mentioned above. However, you actually use any name server that you have access to. This means you have choices.
Setup your own DNS? Maybe, maybe not
The first choice is to setup your own DNS server. It’s actually not very hard and the software is available for free. However, note the following:
o You cannot setup your own DNS for a web site on a shared server.
o It will only be as secure as your own network.
o To be available 24/7 your server has to be running 24/7.
It can be a fun and somewhat geeky thing to do to setup your own DNS server. However, it’s something to leave to large corporations with their own IT staffs. Even so, the company is assuming the risk of downtime. For most people, especially small and medium size e-commerce business it is way to risk. If your DNS is down, your site is down. Your business is down.
Managed DNS? A better idea!
A much better idea is to sign up with a managed DNS service to host your DNS. These are companies that have established their own network of DNS servers and add features to improve performance, security and protections. DNS performance can be very important in how fast a web page loads.
Using advanced routing technologies such IP Anycast and GeoDNS, they can improve resolution times by as much as .5 seconds. If a page has 3rd party content such as advertising, there could be multiple DNS resolution lookups to display the page. If 5 resolutions are needed you might save 2.5 seconds, an eternity when waiting for a page to display.
Managed DNS providers offer additional features that you do not get from your ISP:
o Security: Protection against malware, Denial of Service Attacks (DOS), phish blocking, blacklist prevention, etc
o Content filtering
o 100% uptime SLAs
0 Web interfaces for managing DNS and DNS records
Managed DNS providers, such as Comodo, charge a monthly fee for the services. Depending on the number of domains covered and the amount of network traffic it could be between $25 and $100 per month.
Related Resource:TEST YOUR EMAIL SECURITY