
I have my entire website behind a CloudFront distribution, and I used to have a Route53 zone, where the zone apex record for my website pointed to an ALIAS record for the CloudFront distribution.

However, now I'm switching to NS1 as a DNS provider. They also have a similar ALIAS record; however, their documentation states:

Geotargeting information is lost. Since it is the authoritative server for example.com that is issuing the queries for lb.example.net, then any intelligent routing functionality on the lb.example.net record will act upon the location of the authoritative server, not on your location. The EDNS0 edns-client-subnet option does not apply here. This means that you may be potentially mis-routed: for example, if you are in New York, and the authoritative server for example.com is in California, then lb.example.com will believe you to be in California and will return an answer that is distinctly sub-optimal for you in New York.

Basically, if I understand correctly, visitors of my website might be directed to a less than optimal CloudFront edge node.

Is this something I really need to worry about? For example: how big is the chance that a European visitor is directed to a CloudFront edge location in Asia?

Jeroen Jacobs

1 Answer


You're correct, this change could result in visitors being directed to more distant CDN nodes than is ideal. This could result in lower performance for your website visitors.

Why are you switching DNS providers? Route 53 is fast, reliable, relatively cheap and integrates very well with AWS resources. It's 50c/month per zone then $0.40 - $0.70 per million DNS requests. It would take an exceptionally high volume website for that to become significant.

Update 1: By switching DNS providers you may shave a few ms off the DNS lookup time, but at the expense of sending your users to the wrong CDN node. This will slow your website down much more than DNS lookup being slightly slower.

I just tested DNS lookup times for the NS1 and Amazon AWS websites, as I figured they use their own DNS servers. I tested from two locations - so a very small sample size, all within the US, but you could test yourself. Here are the timings.

NS1: 88ms, 70ms: average 79ms
AWS: 74ms, 83ms: average 78.5ms

So all in all you're making things more complex and slower to save about $0.75 per month. Suggest you stick with Route 53.

Tim
  • It's for testing purposes at the moment, to do some research on DNS response times. I get the impression Route53 is not exactly fast (just personal opinion at this moment), so I'm doing some tests with other DNS providers, so I can do a comparison. Also, NS1 has a free startup plan, so no harm done in trying. – Jeroen Jacobs Sep 17 '16 at 22:50
  • See my update. Based on my tests you should stick with Route 53. – Tim Sep 17 '16 at 23:50
  • I agree with @Tim, except that I'd tend to say *this change* **will** *result in visitors being directed to more distant CDN nodes than is ideal.* Suboptimal routes become inevitable, it's more of a question of just how suboptimal they are. Worth noting, too, is that changing to another DNS provider and using their version of an alias record should often be *slower* because CloudFront uses a 60 second TTL for resiliency; 3rd party frequently has to look up the back-end record from whoever CloudFront uses for the `cloudfront.net` domain's DNS... which is, of course, also Route 53. – Michael - sqlbot Sep 18 '16 at 01:05
  • @Tim I had forgotten about this part: DNS queries against records in your hosted zone that point to CloudFront/S3/ELB using Alias records are completely free. I just confirmed, I paid $0.00 for 4.1 million of them last month. – Michael - sqlbot Sep 18 '16 at 01:22
  • Thank you all for your input. In the past, I had some quite slow Route53 responses in Europe, and I like some of the features that NS1 offers, which are lacking in Route53. However, I notice that although I'm in Europe, I'm getting redirected to a US edge. I think NS1 is useful when you build your own CDN for example, or when you require complex DNS routing scenarios, but that's not my use-case at the moment. I'll probably switch back to Route53. – Jeroen Jacobs Sep 18 '16 at 16:33
  • It could be that your IP address range isn't properly mapped. Do some tests on webpagetest.org for their European servers and look at the DNS lookup time of the first request. – Tim Sep 18 '16 at 18:56
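
An added example, not code from this thread or from NS1/AWS: stdlib-only Python that builds a DNS query carrying the EDNS0 client-subnet option (RFC 7871) mentioned in the quoted NS1 documentation, so the answers a geo-aware nameserver gives for different client subnets can be compared. The function names and the 1232-byte payload size are choices made for this example.

```python
import ipaddress, socket, struct

def encode_name(name):
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

def ecs_option(subnet):
    """EDNS0 client-subnet option (code 8): family, source prefix, scope 0, address."""
    net = ipaddress.ip_network(subnet, strict=False)
    family = 1 if net.version == 4 else 2
    addr = net.network_address.packed[:(net.prefixlen + 7) // 8]  # truncate to prefix
    data = struct.pack("!HBB", family, net.prefixlen, 0) + addr
    return struct.pack("!HH", 8, len(data)) + data

def build_query(qname, subnet=None, qtype=1, txid=0x1234):
    """A-record query with an OPT record; subnet=None sends no client-subnet hint."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)  # RD, 1 question, 1 additional
    question = encode_name(qname) + struct.pack("!HH", qtype, 1)
    rdata = ecs_option(subnet) if subnet else b""
    # OPT RR: root name, type 41, class field = UDP payload size (1232, an assumption)
    opt = b"\x00" + struct.pack("!HHIH", 41, 1232, 0, len(rdata)) + rdata
    return header + question + opt

def skip_name(msg, off):
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: two bytes, name ends here
            return off + 2
        off += 1 + n
        if n == 0:
            return off

def a_records(msg):
    """Extract the IPv4 addresses from the answer section of a response."""
    qd, an = struct.unpack("!HH", msg[4:8])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # name + QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return addrs

def resolve(qname, server, subnet=None, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(qname, subnet), (server, 53))
        return a_records(s.recvfrom(4096)[0])
```

Call `resolve()` with the same hostname and nameserver but client subnets from two regions; if the returned addresses differ, the nameserver is routing on the client subnet, which is the information a lookup made from the ALIAS provider's own server does not carry.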