Does anybody here pay to have their DNS managed with an anycast provider? Is it worth it? I can appreciate the value of using anycast itself but I don't see the advantage in being able to manage our servers and to be honest I'm not even sure what I'm being offered by the service. Is protection from denial of service attacks a 'side-effect' of using anycast as opposed to anything extra the service provider would have to do? We've not had any problems since we started and whilst it would be wrong to think "it'll never happen to me" (indeed I'm preparing for the zombocalypse ) I don't think we're big enough or ugly enough that we'll be attacked (however if it does happen I'll be chasing the guy who's offering these services as my prime suspect). Thoughts?
The reason to use an anycast solution for DNS is if your response times are really slow when it comes to DNS. For most sites this is not really a necessary step as most local DNS servers will cache the queries. This means that by the nature of DNS you are already doing an anycast, just not paying for it. For most piratical purposes DNS works this way for a brand new request: client does a request to the local DNS server The local DNS server sends a request to a top level DNS server The top level server then requests the DNS entry from the remote DNS server providing the IP address of the domain name (the server you point name servers to) The top level server then sends that information back to your local DNS server That server sends the information back to you At each level along the way the servers will cache the results for up to 72 hours therefore providing much faster speeds. That is the reason why it can take up to 72 hours for a domain's name server settings to take effect. On top of the complexity above each server has a pool of other servers to use if one of them goes down. The weak point is defiantly your remote server, but the system is already built to be robust. Personally I think that anycast DNS providers are not worth the money. If you do not know what you are doing with DNS, then I do suggest using an external provider who does. DNS is complex and can cause many problems if you do not know what you are doing.