As with every other kind of technology, newer approaches are created that improve on their predecessors, and Anycast DNS is no different. DNS, or Domain Name System, is the directory service of the web. It translates domain names into IP addresses, and it also directs the delivery of email.
Without access to DNS, the web browser on your computer cannot find websites and you cannot send or receive email. DNS has three components. First, there is the data, also known as resource records. Next are the servers, or name servers, and last are the internet protocols used to retrieve the data from the servers.
Anycast DNS is an upgrade to traditional DNS. It is a network addressing and routing method that delivers data to the nearest and best destination, as determined by the routing topology. Anycast relies on Border Gateway Protocol, or BGP, the core routing protocol of the internet. BGP maintains a table of IP networks (prefixes) that designates which networks are reachable among autonomous systems, or ASes. Traditional IGP metrics are not used; instead, routing decisions are based on paths, network policies and/or rule sets.
With Anycast, BGP is used to advertise the same destination IP address simultaneously from various places on the web. This causes packets addressed to destinations within that range to be routed to the closest and most reliable location. Historically, Anycast has been used with connectionless protocols rather than with connection-oriented protocols such as TCP, which maintain their own connection state. Simply put, Anycast makes it possible to advertise the same public IP addresses from multiple machines.
Traditional DNS and Anycast DNS
Previously, DNS was managed in a centralized environment and its name servers were identified by unicast addresses. In that model, DNS queries were routed to one specific destination. BGP was used to route the connection through various paths to that destination, but overall there was only one destination that could possibly be reached.
With an Anycast address, routing is completed to the closest service. With traditional DNS it was possible for attackers to overwhelm a single point, so the more people that tried to access the same point, the further the service degraded. Anycast offers more reliable access to an address, increasing performance and security while reducing latency all over the world.
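To make the two points above concrete (the same prefix announced from several places, and traffic moving away from a site that withdraws or is overwhelmed), here is a small simulation added for this article; it is not code from the article or from any DNS provider. It uses a constructed AS topology in private AS numbers, a documentation prefix, constructed query volumes, and a deliberately simplified BGP best-path rule (shortest AS_PATH, then lowest originating AS as a tie-break) in place of the full BGP decision process.

```python
"""
Toy model of anycast DNS, constructed for illustration (not from the article).

Several DNS sites announce the same prefix into BGP.  Each client AS learns
a path from every site and, under the simplified best-path rule used here
(shortest AS_PATH, then lowest originating AS as a deterministic tie-break),
forwards all traffic for the prefix to exactly one site.  Withdrawing a site
models an outage or an overwhelmed node: its clients are re-routed to the
next-nearest site with no change on the client side.
"""
from collections import Counter

ANYCAST_PREFIX = "198.51.100.0/24"  # documentation range; constructed value

# Constructed AS-level topology: AS number -> set of directly peered ASes.
TOPOLOGY = {
    64512: {64513, 64520},
    64513: {64512, 64514, 64521},
    64514: {64513, 64515},
    64515: {64514, 64522},
    64520: {64512},
    64521: {64513},
    64522: {64515},
}

# ASes that host an anycast DNS site and originate ANYCAST_PREFIX (constructed).
SITES = {64520: "site-west", 64521: "site-central", 64522: "site-east"}


def as_paths(topology, origin_as):
    """Breadth-first search from the originating AS.

    Returns {as_number: AS_PATH}, where AS_PATH is the tuple of ASes a packet
    from that AS traverses to reach the origin (origin included, viewer
    excluded), so the origin's own entry is the empty tuple, as for a locally
    originated route.
    """
    paths = {origin_as: ()}
    frontier = [origin_as]
    while frontier:
        next_frontier = []
        for node in frontier:
            for neighbour in sorted(topology[node]):
                if neighbour not in paths:
                    paths[neighbour] = (node,) + paths[node]
                    next_frontier.append(neighbour)
        frontier = next_frontier
    return paths


def best_site(topology, sites, active_sites, client_as):
    """Apply the toy best-path rule for one client AS.

    Returns (site_as, as_path) for the chosen site, or None when no active
    site is reachable at all.
    """
    candidates = []
    for site_as in active_sites:
        path = as_paths(topology, site_as).get(client_as)
        if path is not None:
            # Shortest AS_PATH wins; lowest origin AS breaks ties deterministically.
            candidates.append((len(path), site_as, path))
    if not candidates:
        return None
    _length, site_as, path = min(candidates)
    return site_as, path


def route_queries(topology, sites, active_sites, client_load):
    """Map each client AS to the site serving it and total the load per site.

    client_load is {client_as: number_of_queries}.  Returns (assignment, load)
    where assignment is {client_as: site_name or None} and load is a Counter
    keyed by site name.
    """
    assignment, load = {}, Counter()
    for client_as, queries in client_load.items():
        choice = best_site(topology, sites, active_sites, client_as)
        if choice is None:
            assignment[client_as] = None
            continue
        site_as, _path = choice
        assignment[client_as] = sites[site_as]
        load[sites[site_as]] += queries
    return assignment, load


# Constructed query volumes per client AS.
CLIENT_LOAD = {64512: 100, 64513: 300, 64514: 200, 64515: 150}


def demo():
    """Run the scenario with all sites up, then with site-central withdrawn."""
    before, load_before = route_queries(TOPOLOGY, SITES, set(SITES), CLIENT_LOAD)
    after, load_after = route_queries(TOPOLOGY, SITES, set(SITES) - {64521}, CLIENT_LOAD)
    return before, dict(load_before), after, dict(load_after)


if __name__ == "__main__":
    before, load_before, after, load_after = demo()
    print("all sites announcing:  ", before, load_before)
    print("site-central withdrawn:", after, load_after)
```

With all three sites announcing, AS 64513 and AS 64514 both reach site-central (64514 is equidistant from central and east and lands on central only because of the tie-break). After central stops announcing, 64513 falls back to site-west and 64514 to site-east, and the 500 queries that central was absorbing are split across the remaining sites. A real BGP decision process adds local preference, origin, MED, IGP cost and router-ID steps before reaching an AS_PATH comparison, so which site a given network actually reaches in production depends on the operator's policy as much as on hop count.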