Expanding Our Second Cache Edge Network
Simone Carletti
on
Just over a year ago, DNSimple revealed initial work to develop an internally managed authoritative DNS cache edge to supplement our existing cache edge and further diversify our network topology.
Today, we're successfully running DNSimple using a 50/50 configuration. Half of the name servers are powered by our new cache edge network, with the other half powered by the original network.
Many other changes have happened since then, and we're excited to share some updates, what we've accomplished since that first announcement in March 2023, and what's next.
Replacing NS 4
The work to implement DNSimple's internally-built cache edge network started at the beginning of 2022.
To validate the implementation, the team planned to deploy the new cache edge network on 25% of our infrastructure. We selected NS4, and planned to replace the existing cache edge for the machines serving ns4.dnsimple.com.
The initial rollout took place around August 2022, with a lot of time spent sampling traffic, rolling back, fixing, and rolling forward until the canary name servers were offering a compelling level of service, comparable with the current cache edge.
By October, we were ready to start migrating all the traffic from the existing ns4.dnsimple.com – still powered by the previous cache edge system – to the new name server, ns4.dnsimple-edge.org, powered by the new cache edge.
The first step was simple. For all the zones registered with us, we automatically updated the name servers at the registry with the new name server.
We informed all the customers who were delegating to our name servers from domains registered elsewhere, and requested the name server switch. The team also worked directly with accounts who had complex network setups to address routing issues or edge cases (no pun intended). In this phase, the reports we received from the network teams of some of our customers were essential to the success of this project.
In early 2023, the rollout was almost complete. The last step was to switch ns4.dnsimple.com IP addresses to point to the new cache edge, mirroring ns4.dnsimple-edge.org. This change effectively ensured all the customers who were pointing to our NS4 names would be served by the new edge network, even if they didn't immediately update the delegation.
There was just one last step — informing customers and updating all zones pointing to our NS IP addresses directly, like those using our vanity name servers (we'll talk more about this in the next section).
Replacing NS 2
Six months after the full NS4 rollout, we started working to replace NS2. The work started in October 2023, and thanks to the knowledge built and codified with the rollout of NS4, we completed it within three months.
As of the end of 2023, half of DNSimple's name servers are powered by DNSimple's cache edge network, and the transition was seamless for virtually all our customers.
Migrating custom configurations
A number of customers have special configurations that directly point to our IP addresses. We don't recommend this approach, because you can't automatically take advantage of infrastructure upgrades, with a few notable exceptions. One of them is customers using our vanity name server feature.
For all these zones, the switch to the new edge network requires a more hands-on approach. At the beginning of 2024, we started the work to deprecate all our previous NS2 and NS4 infrastructure, with the ultimate goal of decommissioning those IP addresses.
As we went through cleaning up 14 years of network upgrades, we noticed some accounts were still using our first generation of Anycast IP addresses, which were retired in 2016 but never decommissioned. If you happen to have a zone using one of the legacy configurations, we've likely already contacted you to migrate your settings in the last few months, or we'll be in touch soon.
Moving forward
DNSimple's name servers are now being powered by two different cache edge networks, working together to provide a heavily redundant anycast DNS network:
ns1.dnsimple.comandns3.dnsimple.comare being served by the third-party cache edge network.ns2.dnsimpleandns4.dnsimple.comare being served by DNSimple cache edge network.
The new hostnames ns2.dnsimple-edge.net and ns4.dnsimple-edge.org have been created to represent NS2 and NS4 respectively. These hostnames use a completely separate domain name, with a mixed set of TLDs, to further increase the network diversity and reduce the impact on any registry-level DNS outage. We strongly recommend using them instead of their ns2.dnsimple.com and ns4.dnsimple.com counterparts. You can visit DNSimple's name server documentation to stay up-to-date with all the current configurations.
We don't plan to expand DNSimple's cache edge network to replace more name servers. Unless there's an unexpected external inconvenience, we'll remain on a 50/50 heterogeneous network to mitigate single points of failure.
The first generation IP addresses will also be retired by the end of 2024. We'll switch all traffic to the current infrastructure. If you're affected, we'll notify you directly with instructions on how to migrate to the new cache edge.
More than 75% of the traffic is already using DNSimple's new edge network, but there are still a number of zones directly pointing to the old IPs. The plan is to deprecate the previous NS2 and NS4 cache edges, and complete the migration of the remaining traffic to the DNSimple cache edge. This work is ongoing and will be completed by 2025, with the full decommissioning of the IP addresses and every account on-board with the current standard configuration.
If you have any questions regarding future plans at DNSimple, any ongoing migration, or how this affects your account, please get in touch. We'll be happy to help.
Looking for reliable, heavily redundant anycast DNS? Give us a try free for 30 days, and experience our best-in-class DNS & domain management.
Simone Carletti
Italian software developer, a PADI scuba instructor and a former professional sommelier. I make awesome code and troll Anthony for fun and profit.
We think domain management should be easy.
That's why we continue building DNSimple.
