DNS is Simple. DNS is Hard
2 days ago
- #network-infrastructure
- #system-reliability
- #distributed-systems
- DNS appears as a simple lookup system mapping domain names to IP addresses, but it operates as a distributed system without a global view or control plane.
- DNS changes initiate a convergence process across uncontrolled, unobservable distributed resolvers and caches, leading to potential inconsistencies and failures.
- DNS failures, such as the 2016 Dyn outage or 2025 AWS issue, highlight its critical role; problems arise from caching, lack of coordination, and hidden state.
- Real-world migration experiences show DNS lacks clean cutovers, causing coordination problems where parts of the system believe different states during transitions.
- DNS is hard due to no global state view, pervasive caching, time-based convergence, multi-provider complexity, and its integration into essential infrastructure.