DNS outage (DNS downtime) – what does it mean? 

The DNS outage (a.k.a. DNS downtime or DNS failure) is a period of time when the domain name can’t be resolved to its IP address. The clients will send a DNS query for a domain name, but the DNS recursive will either answer with the old IP address from its cache, which will not respond, or it will try to query the DNS authoritative name server of the domain name won’t get an answer. 

What causes DNS outages? 

DDoS attacks

DDoS or a denial of service attack, is a type of cyber-attack that involves multiple devices that work together, targeting a victim’s computer, with a large amount of traffic intending to make it unable to answer any more queries. To prevent any problems that a DDoS attack can cause, you will need a load balancing that can share the traffic between your servers, even if it is very strong. And also, you will need DDoS-protected servers. 

Maintainance of the authoritative name server

If you are using only one authoritative name server, whatever happens to it, can affect your DNS. If it needs updates and reboot, the time that it takes, the server won’t be able to respond to DNS queries. Updates and maintenance are needed, so you better have a Secondary DNS that can answer the queries meanwhile. 

A problem in the data center, where the authoritative name server is

The cloud equipment does not magically hover over the Earth. Instead, it resides in multiple data centers. These places can have problems like long-lasting electricity outages, natural disasters affecting the area, fire, or other problems. If you are using a cloud service, these issues are out of your hands, but you can use multiple servers in multiple data centers. If one is down, still, there will be more to answer the queries. 

Bad configuration

Errors in DNS configuration can cause DNS downtime. It can be a human mistake, like badly addressing caused by misspelling the IP address or domain name, script error, wrong firewall configuration, etc. 

If it is a misspelled problem, you can try to query the domain name and the IP address to see which does respond and which does not. 

If it is the firewall, you can check the ports if they were allowed. 

DNS propagation delay

When you add or remove DNS records (like A or AAAA records), the changes are not always instant. You are editing the zone file inside the Primary DNS server, and you can propagate to your Secondary DNS servers, but there are many DNS recursive servers that you don’t control. They can keep your old IP address and provide it to clients, even after you published a new one. 

What you can do about the DNS propagation is to push the zone transfer to your Secondary servers and to keep lower TTL values for your DNS records. 

It is not technically a DNS outage because it will affect only those with the older cached IP address of the domain name, but it was worth mentioning it.

How to avoid DNS downtime (outage)

The best way to avoid DNS outages is to have a robust DNS network that provides redundancy and can withstand strong traffic. The more servers you have, the better you are going to be prepared. Additional features might also facilitate the DNS administration and automate the process of handling problems. 

Use Secondary DNS services

A secondary DNS service provides you with the opportunity to use multiple Secondary DNS servers, which can be set as Secondary authoritative nameservers. They will have a copy of the zone file with the DNS records. They can answer queries for your domain, just like the Primary one. The big advantage is that they will keep answering even if the Primary is experience downtime. Having Secondary DNS is your DNS backup solution. 

You can learn more about it in this article, “What is backup DNS?”, and you can try our Secondary DNS plans with a 30-day free trial. 

Use DNS load balancing

DNS load balancing is also another nifty way to lower the chance of DNS outages. It is a mechanism for administrating the DNS traffic between the DNS server, based on criteria like the number of active connections, specific algorithm, time of connection, etc. 

It will reduce the stress on a particular DNS server and spread it between the network. 

It can help in case of a DDoS attack but also in a natural spike in traffic caused by increased clients’ queries. It can help you during a promotional period when you are experiencing higher traffic.

Be prepared with DNS Failover

DNS Failover is a trigger that will activate in case of a nameserver’s failure. It can automatically redirect the traffic without any human interaction, based on the information it gets from DNS monitors like ICMP ping, UDP requests, HTTP checks, etc. It is an easy way to keep your clients’ happy and provide DNS resolution, even if some of your DNS servers are experiencing some problems. We offer DNS Failover service with all of our paid plans.

Also, we recommend you to check our Brand new Monitoring service!

How to diagnose DNS outages?

When facing a DNS outage, quick diagnosis is essential to restore functionality. Follow these steps to pinpoint the problem:

• Ping the Domain

Use ping to check if the domain resolves and the server responds.

ping example.com

If it doesn’t resolve, it’s likely a DNS issue.

• Test DNS Resolution with nslookup

Verify if DNS is working by querying your DNS server with nslookup.

nslookup example.com

If it returns an IP address, DNS is working for that domain. But if it fails, the DNS server may be down or misconfigured.

• Run dig for detailed queries

Use dig for detailed DNS resolution data, including specific DNS record types.

dig example.com

Add +trace to follow the query path through name servers and find where it fails.

• Test with Alternate DNS Servers

Query public DNS servers (like Google’s 8.8.8.8) to rule out provider-specific issues.

nslookup example.com 8.8.8.8

If the domain resolves with a different DNS server, it suggests the problem is with your original DNS provider.

• Check DNS Propagation Delays

If you’ve recently made DNS changes (such as updating A or MX records), delays in DNS propagation could be the culprit. Use online tools like ClouDNS Free DNS tool to check whether your DNS records have propagated across global DNS servers.

• Check for DDoS attacks or high traffic loads

DNS outages can be caused by Distributed Denial of Service (DDoS) attacks or heavy traffic loads. Tools like TCPdump can help capture and analyze DNS traffic to detect abnormal patterns, such as a flood of queries or unusual IP activity.

Example:

sudo tcpdump -i eth0 port 53

This command captures DNS traffic, allowing you to inspect for signs of an attack. For real-time detection, combine TCPdump with network monitoring tools and DDoS mitigation services.

Troubleshooting 

What can you do when your domain is not reachable? 

As DNS administrator of the domain name, you can: 

• Suppose you have recently finished a DNS delegation. You might need to way up to 24 hours, so the changes are well propagated. 
• Check if you have paid for your domain name. If you have forgotten to pay your domain name, it won’t answer queries anymore when it expires. Set reminders for domain renovation and don’t miss the time. 
• Use the ping command to ping the DNS server from different locations to see if it is responding to any DNS requests. It is possible that you haven’t set up your nameservers correctly, and they are working but not answering queries for the domain name. 
• Try to reach the DNS server by using its IP address. If you can reach it, there might be a badly configured A or AAAA record that does not link well the domain name and its IP address. 
• Check your DNS monitor and see how the traffic is going. If you can’t see the monitor’s log, check if there were any unusual activities before the server stopped working. For example, it could have been a DDoS attack. If it is still happening, you can redirect the traffic and stop it. 

As a client who can’t reach a site: 

• You can have problems with the DNS cache of your device. You can flush the DNS of your device and your browser. This action will remove the previous DNS records that you have, and your device will search again for the A or AAAA record of the site you want to visit. If you had an older IP address, this could fix it. 
• Maybe your router is the problem. The router has a recursive DNS server that may need to be restarted. Pull its plug, then wait around a minute and connect it again. It should reboot and start working well again. 

Monitor your DNS server

Monitor your DNS for any strange pattern in traffic. There are different automatic monitors that you can set to see the traffic behavior. If something strange happens, you can see in almost real-time any changes and use the information to take action. 

You can monitor the DNS from different locations. That way, you can see if the problem is very local, is it regional, continental, or global. It will be easy to spot the problem.
DNS monitoring works best in combination with DNS Failover. You can set the monitor with the parameters that you prefer, and it will notify you and show you the data. But when you also have DNS Failover, you can connect this data and trigger automatic even in case of a down server. It can deactivate DNS records and replace them with working. It can also react in case the server gets up and add it to the list again. 

ClouDNS offers DNS Failover service for all of its paid customers. You can set it up and activate it for your domain fast and easily.

What are the consequences of a DNS outage?

If a DNS outage occurs, it could have a negative impact on your entire organization and community of customers. When DNS (Domain Name System) is down, websites, applications, and online services related to the domain name, such as emails, won’t function correctly. Unfortunately, that has the potential to damage operations, revenue, and brand reputation. In addition, you should act fast and quickly get it up and running again to regain all the temporarily lost functionality.

Yet, let’s assume the functionality of the DNS operations was seriously interrupted for a prolonged period of time. In that case, a DNS outage can potentially cause devastating consequences to the companies with an online presence. Here are some of the most common effects during this time: 

• Miss potential visitors
• Lose potential sales
• Have issues with services like email, FTP, VoIP, etc.
• Productivity losses
• Damage to reputation
• Impact on customers and strategic partners
• Diminished competitive advantage

It is crucial to implement all precautionary measures to avoid DNS outage’s negative influence on your business.

The biggest DNS outages in the history

• 2016 Dyn DNS Interruption: A significant disturbance shook the internet when Dyn, a leading DNS service provider, fell victim to an attack. Websites with heavy traffic, such as Twitter, Spotify, and Reddit, experienced outages. This event underscored the vulnerabilities tied to unsecured IoT devices.
• 2019 Cloudflare Outage: A misconfigured web application firewall rule caused a major disruption in Cloudflare’s services, impacting millions of websites.
• 2019 Google Cloud Outage: In June 2019, Google Cloud Platform experienced a significant outage that affected multiple services, including Gmail, YouTube, and Google Cloud Storage. A configuration change intended for a small number of servers in a single region was mistakenly applied to a larger number of servers across several neighboring regions.
• 2020 AWS Outage: In November 2020, Amazon Web Services (AWS) faced a significant outage that affected several services reliant on AWS’s infrastructure. This incident disrupted many online services and platforms, highlighting the vulnerabilities in centralized cloud infrastructures.
• 2021 Fastly Global Outage: In June 2021, a major global internet outage occurred, affecting numerous high-traffic websites including Reddit, Twitch, and even the UK government’s official website. This was traced back to a software bug in the Fastly CDN network, a critical infrastructure provider for many internet services.
• 2022 Microsoft Azure DNS Outage: In mid-2022, Microsoft’s cloud service, Azure, experienced a DNS outage. It impacted a wide range of services, from basic operations in Azure to third-party applications relying on Azure’s infrastructure. The outage underscored the need for robust failover systems and redundancy in cloud services.

Conclusion

A huge DDoS attack can lead to a DNS outage even if you have excellent infrastructure. But applying all the measurements can lower the time and the frequency of the DNS outages. Be prepared and intelligently manage your DNS traffic to be able to provide excellent service for your clients. Keep your business up!

The post What is a DNS outage (DNS downtime), and how to avoid it? appeared first on ClouDNS Blog.

What is a Webhook?

A webhook is a user-defined HTTP callback that is triggered by specific events in a source system and sent to a destination system, often with a payload of data.

When such an event occurs, the source site makes an HTTP request to the URL configured for the webhook. Users can configure these requests to trigger additional actions, such as updating information in a database or sending a notification to a user.

Webhooks are particularly useful for real-time notifications and integrations. They eliminate the need for continuous polling by pushing updates as they happen, which makes them efficient and timely. They are also highly customizable, allowing users to define the specific events they want to be notified about and the exact data they wish to receive.

What are Webhooks Used For?

Webhooks are incredibly versatile and can be used in a variety of scenarios. Here are some common use cases:

• Notification Systems: Automatically sending alerts or notifications based on certain events, such as changes in data or user activities. For instance, in an e-commerce site, a webhook can notify the inventory system when a product is sold.
• Integration with Third-Party Services: Allowing different services to communicate with each other without manual intervention. For example, a webhook can notify a CRM system about new leads captured through a website form.
• Data Synchronization: Ensuring that data across multiple platforms remains consistent and up-to-date. An example could be synchronizing user information between a website and a mailing list service.
• Automated Workflows: Triggering actions such as code deployment, email campaigns, or other automated processes. For example, a webhook can start the build process whenever new code is pushed to a repository.
• E-commerce: Updating inventory, processing orders, and handling payments in real-time. Webhooks can notify payment gateways about successful transactions and update order statuses accordingly.
• Monitoring and Logging: Keeping track of specific events and logging them for analysis. This can be particularly useful for security monitoring and auditing purposes.

How Does It Work?

Webhooks work by sending an HTTP POST request to a specified URL when an event occurs. The request usually contains a payload with data related to the event. Here’s a simple breakdown of the process:

1. Event Occurs: An event takes place in the originating application (e.g., a new user signs up, a purchase is made, or a DNS record is updated).
2. HTTP Request Sent: The originating application sends an HTTP POST request to the webhook URL configured by the user.
3. Payload Delivered: The request includes a payload containing data about the event. This payload is typically in JSON format but can also be in XML format.
4. Action Taken: The server at the receiving end of the webhook processes the payload and takes appropriate action, such as updating a database or sending a notification.

Webhooks rely on the concept of “event-driven architecture,” where actions are triggered by specific events. This is in contrast to traditional methods where an application might need to regularly check (poll) another service for updates. With webhooks, the communication is immediate and only occurs when necessary, making it both efficient and responsive.

How to Use Webhooks?

Using webhooks involves setting up a URL that will receive the HTTP requests and writing code to handle the incoming data. Here’s a step-by-step guide:

1. Create a Receiving Endpoint: Set up a URL on your server that can accept HTTP POST requests. This endpoint will process the incoming webhook data. Ensure that this endpoint is secure and can handle the expected load.
2. Configure the Webhook: In the originating service, configure the webhook by specifying the endpoint URL and the events you want to monitor. Most services provide a user-friendly interface for this setup.
3. Handle the Data: Write code to handle the incoming payload. This could involve updating a database, sending an email, or performing other actions based on the event data. Ensure your code handles different types of payloads and can recover from errors.
4. Test the Webhook: Trigger events to ensure that your webhook is receiving and processing data correctly. Many services provide testing tools or allow you to manually trigger events for testing purposes.

Webhook vs API

While both webhooks and APIs are used for communication between different applications, they operate differently:

Webhooks are push-based, meaning they send data to the receiving application when an event occurs. They are ideal for real-time updates and notifications. Webhooks are typically simpler and more lightweight than APIs since they only involve a single HTTP request in response to an event.

APIs are pull-based, requiring the receiving application to request data from the originating service. They are suitable for on-demand data retrieval and manipulation. However, they often involve more complex interactions like querying for specific data.

Webhooks are often used in conjunction with APIs. For instance, a webhook can notify an application of a new event, and then the application can use an API to fetch additional details or perform further actions based on that event.

How to Create Webhooks?

Creating webhooks involves both setting up the webhook on the service providing the event data and configuring the receiving endpoint. Here’s how to do it with ClouDNS for DNS Failover and Monitoring service:

1. Login to ClouDNS: Login to your account and access the ClouDNS dashboard.
2. Select DNS Failover or Monitoring: Choose the DNS Failover or Monitoring check you want to modify.
3. Access Notifications: Click on “Notifications”.
4. Create a New Notification: Click on “Create New Notification”.
5. Set Notification Type: Select “Webhook Up Event” or “Webhook Down Event”.
6. Enter URL: Enter the URL where you want to receive the webhook data.
7. Save the Configuration: Save your webhook settings.

Once configured, ClouDNS will send HTTP POST requests to your specified URL whenever the selected events occur. It’s essential to ensure that your endpoint is prepared to handle these requests and process the incoming data accurately.

Benefits

Webhooks offer several advantages:

• Real-Time Updates: Receive instant notifications when events occur, allowing for timely actions. It is particularly beneficial for applications requiring immediate response to changes.
• Automation: Webhooks automate processes by triggering actions based on events, which can save time and reduce manual work.
• Efficiency: They eliminate the need for constant polling, saving on bandwidth and processing power. This makes webhooks a more efficient option for services with limited resources.
• Flexibility: Webhooks integrate seamlessly with various services and applications. They can be used for a wide range of tasks, from simple notifications to complex workflows involving multiple systems.
• Scalability: Handle large volumes of events efficiently. Webhooks can be scaled to manage numerous events without significant overhead, making them suitable for high-traffic applications.

Conclusion

Webhooks are a powerful tool for automating workflows and ensuring efficient communication between different systems. By understanding how they work and how to implement them, you can significantly enhance the functionality and efficiency of your applications and services. Whether you’re looking to synchronize data, automate processes, or simply keep your systems in sync, webhooks offer a robust solution to meet your needs.

The post Webhook Basics: Automate with Ease appeared first on ClouDNS Blog.

DNS Failover

When you have a DNS, your clients can reach your site through from different locations by connecting to the closest Point of presence (PoP). This point can be down for some reason – maintenance, overload, hardware problems, etc. The client who try to connect to this PoP when it is down, can’t access your site.

Your IT staff can change the A or AAAA record to another IP manually, but first, they need to get notified that the PoP is down and later to take actions.

Having a DNS Failover activated will save a lot of troubles. It is a feature, available on all our DNS plans except the free one. ClouDNS DNS Failover provides you the security that your website will be up during network outage by redirecting the traffic to one of the 5 backup IPs that you can define in the settings. Even in a situation where more than 1 PoP is down, your website will stay live. The DNS Failover provides different monitoring options using DNS, UDP, TCP, HTTP(S), and ICMP Ping requests. The DNS Failover monitoring happens every minute, far more often than most of our competitors.

Suggested page: What is HTTP/HTTPS monitoring?

You can set up when exactly, the system must take action. Automate the process and don’t worry anymore about the downtime.

If you want to see the full list of actions and the setting you can put for it, you can check DNS Failover and Monitoring Documentation.

Conclusion:

The failover will keep your website up. It will guarantee that all your clients, no matter where they are, will be able to visit your site even if a few of your PoP are down. This means no problems for you, more potential sales and better customer satisfaction level. If you have a paid DNS plan form ClouDNS, you can set it up from your control panel. If you don’t have, check out our DNS Failover.
We hope this article was useful to you and you never ever have network problems!

The post DNS Failover, the backup that keeps your site online appeared first on ClouDNS Blog.