Anycast DNS by CIRA
Protection for your website presence
The Domain Name System, or DNS, is one of the fundamental technologies of the Internet. It makes it possible for your web browser to find any website, and for your email app to find the server that stores your mail. It's a critical infrastructure service that's open to attack. If a webhost's DNS goes away, so do all its websites.
In most networks, all requests during a DDoS go to a single physical server at one location. Attack traffic (in red) overwhelms the server, which can't respond to legitimate users.
You might be surprised to learn that most web hosts have only a minimal DNS network, consisting of a few servers. In a Distributed Denial of Service attack, or DDoS, that small DNS network is highly vulnerable. There is no scenario where its DNS service, and therefore its hosted websites, email, and other services, will survive. Attacks typically last from a few hours to a few days.
Korax was the first web host in Canada to add Anycast DNS to all hosting packages. Anycast is the best way to protect from the impact of an attack against the DNS. An Anycast DNS server is actually a cloud of many physical servers located around the world. Each receives requests only from its local geographic region, so its traffic is lower, substantially reducing the effect of an attack. DNS lookups are also faster, because requests are answered from a location physically closest to the end-user.
From the outside, the Anycast DNS cloud looks like a single server, but consists of many servers distributed globally. The impact of an attack is significantly reduced. Website visitors get a response from a server physically close to them, enhancing performance.