News

Crystal clear: Anycast

01 January 2018

The Domain Name System (DNS) is a naming system whereby domain names are converted to IP addresses. 

Domain name management

The primary task of DNS Belgium is to manage all domain names with a .be, .vlaanderen, and .brussels extension – more than 1.5 million domain names in all, which together form the backbone of the Belgian network. It is consequently vital that our DNS servers continue to function at all times.

To surf to a certain page you must enter the address in your browser window. That is when the DNS protocol goes to work. This protocol translates (in the background) the domain name into the IP address of the server where the website is located. This process comprises several phases. In the case of a .be, .vlaanderen or .brussels domain names, a question is asked to the DNS servers of DNS Belgium during one of those phases. These indicate where the domain name is hosted and the server where detailed information on the website can be found.

Anycast

Because all this has to take place very rapidly and so many people are surfing at the same time, we have more than one DNS server available to handle these requests. Even more, we have brought our DNS servers under an anycast cluster. In a normal set up, one DNS server hides behind one name server record of a zone.

In an anycast cluster, however, various servers may hide behind each name server record. Externally, these servers react exactly the same way as one server, but internally the various servers are on different physical locations. The major advantage of this is twofold:

  • If a server fails, the others simply take over the extra traffic without impact a negative impact for the end user or the service of the single external DNS server being compromised. As a positive side effect, attacks on the anycast cluster stay geographically limited to the source of the attack. The remaining servers stay operational for the end users. In this way we can guarantee that the internet traffic arrives at the right place for every .be, .vlaanderen, and .brussels domain name. This has also major advantages for maintenance, which can be carried out without interrupting the service. We recently invested in our anycast environment.  We added an extra server in one of the clusters.
  • A second advantage is that the servers are physically closer to the surfer, so the time that the data are under way is far shorter. Example: Thanks to anycast, a surfer in the United States gets an answer from the server in the US. That is far faster than sending the question via the underground sea cables from the US to Belgium, and then routing the answer via the same underground sea cables to the US.

These techniques enable us to enhance the security and stability of the internet in Belgium. DNS Belgium keeps on investing in its infrastructure and expanding the anycast network to guarantee a maximal uptime of all domains under our management.