33
Build vs Buy: DNS Deploying a scalable DNS foundation for your Internet Performance Cory von Wallenstein Chief Technologist @cvwdyn
| Date post: | 16-Apr-2017 |
| Category: |
Technology |
| Upload: | dyn |
| View: | 1,420 times |
| Download: | 0 times |
Build vs Buy: DNSDeploying a scalable DNS foundation for your Internet PerformanceCory von WallensteinChief Technologist@cvwdyn
Pg. 2 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
But first, some clarity on business strategy…
Exploring two paths for Internet Performance:• Building your own DNS infrastructure for Traffic Management
• Buying a Traffic Management & Managed DNS solution
Pg. 3 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 4 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Technology Adoption Lifecycle
Techies:Just try it!
Pragmatists:Stick with the herd!
Conservatives:Stick with what’s proven!
Skeptics:Just say No!
Visionaries:Get ahead of the herd!
From Geoffrey Moore’s Dealing with Darwin
CHAS
M
Pg. 5 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
MatureMarket
CGrowthMarket
B
Time
Mar
ket G
row
th
ADecliningMarket
End of Life
FaultLine!
E
D
From Geoffrey Moore’s Dealing with Darwin
Category Lifecycle
Pg. 6 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Core vs ContextCore: Any process that contributes directly to competitive advantage.
Context: All other processes required to fulfill commitments made to one or more stakeholders in the enterprise.
From Geoffrey Moore’s Dealing with Darwin
Pg. 7 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
How to Win in the Long TermFocus internal time, attention and resources on
core processes, and be the best in the world at them.
Evaluate outsourcing everything else (context). Free up time, attention and resources for core.
From Geoffrey Moore’s Dealing with Darwin
Pg. 8 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
How to Build• Software• Network & Locations• People & Operations• Advanced features
Pg. 9 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Software• DNS
• Names to numbers. • Scope is authoritative (not recursive).• twitter.com -> 199.16.156.198
• Options• Open source: BIND, djbdns, Power DNS• Commercial: Microsoft, Secure64• Appliance-based: Infoblox
Pg. 10 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Software… rarely the problem for DNS$ dig company.com
; <<>> DiG 9.8.3-P1 <<>> company.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1876
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;company.com. IN A
Pg. 11 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 12 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
October 2012
Hurricane
Sandy
Pg. 13 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 14 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 15 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 16 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 17 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 18 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
“A frying squirrel took out half of our Santa Clara data center two years back,”- Mike Christian, Yahoo
Pg. 19 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
“Squirrel chews account for a whopping 17% of our damages so far this year! But let me add that it is down from 28% just last year and it continues to decrease since we added cable guards to our plant.”, Fred Lawler, Level(3)
Pg. 20 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Network & Locations• com. -> dyn.com.
• NS record TTL: 86,400s -> 24 hours• To swap DNS servers, expect at least this much downtime
• Must deploy DNS to multiple locations• Recursive DNS servers will try others
• Must mitigate single points of failure(upstream connectivity, wide area events)
Pg. 21 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 22 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 23 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 24 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 25 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 26 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
• DNS cache poisoning, DNSSEC and general DNS security
Pg. 27 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Network & Locations• Unicast: Each global location uniquely addressed• Anycast: Locations announce same address space,
queries routed to closest location.• Anycast is now table-stakes for DNS
• Scalability• Resilience against DDoS attacks• Performance
Pg. 28 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 29 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Pg. 30 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
People & Operations• Anycast
• Deep routing expertise• Border Gateway Protocol (BGP)• Strong ISP relationships (NANOG)
• Tooling• Routing intelligence: Renesys• Network health: Catchpoint
Pg. 31 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Advanced Features• Who should care?
• More than one datacenter• More than one cloud region/vendor• Using a Content Delivery Network (CDN)
• Why?• Answer queries dynamically based on:
• Health of your infrastructure/application• Location of user
Pg. 32 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
DIY Advanced Features• BIND GeoDNS: http://cvw.gs/bind-geodns
• Per query lookup to MaxMind GeoIP DB• Geopolitical traffic management
• Appliance-based GSLB• End user IP location != Recursive DNS IP location
• IP geolocation databases are for end-user IPs• Need a mapping of what user geographies
each recursive IP represents for accuracy
Pg. 33 Build vs Buy: Deploying a Scalable Foundation for Your Internet Performance@cvwdyn
Build vs Buy Recap• Part of your core competitive advantage?
• If so, build it. Else, evaluate buying.• Software will not be your challenge• Challenges will be in:
• Deploying & operating global locations/networks• Hiring the right people with deep expertise• Taking advantage of advanced DNS features
