In 1999, Rodney Joffe—now senior vice president and senior technologist at NeuStar implemented the first large-scale commercial applications of IP Anycast for DNS while at UltraDNS, the Reston, Virginia-based managed domain name services company he founded. A decade later, in the wake of NeuStar’s April 2006 acquisition of UltraDNS, this initiative has enabled NeuStar to build one of the world’s leading managed DNS services, renowned for performance, reliability and security.

“In a network environment that is controlled by no single entity, NeuStar is a critical intermediary,” said Joffe. “By combining IP Anycast with Border Gateway Protocol (BGP), NeuStar can provide its customers with what I consider to be outstanding performance and security. This combination virtually eliminates drops, and enables our network to redirect queries automatically and instantly in the event of an outage. In addition, it defuses security threats and Distributed Denial of Service (DDoS) attacks of every level of severity, protecting our network at every turn. There is no substitute for experience—and over the past few years, we have seen and successfully addressed almost every conceivable DNS failure scenario.”

IP Anycast provides the ability to simultaneously advertise the same public IP addresses from multiple machines in multiple locations. This capability is usually combined with BGP, which is used at the edges of networks to route packets of data along the most available and reliable paths. When combined with IP Anycast, BGP may be used to route packets to the closest, most available instance of a service such as DNS. In the event of a node outage, BGP route announcements are automatically updated—meaning that the address for that node is withdrawn as a viable destination—and traffic is redirected to the next closest topological node. This allows for individual nameservers or complete nodes to be removed from the pool of active systems whenever unusual behavior is detected or key elements fail.

“Rodney’s insight and early adoption of IP Anycast combined with BGP has led to a dramatic improvement in the performance and security of the DNS infrastructure, and hence the Internet,” said Paul Vixie, president of ISC. “This innovation made it easier for ISC to add similar functionality onto our F-root nameservice globally, and benefitted the resilience of the infrastructure as a whole.”

IP Anycast is one of the foundational elements of managed DNS services. NeuStar’s UltraDNS Managed DNS Service is built on a global directory platform consisting of strategically placed network nodes spanning five continents. These nodes form an Oracle database-driven infrastructure that replicates globally in near-real time, ensuring DNS requests are resolved with the very latest data. Unlike infrastructure solutions offered by other providers, the UltraDNS Managed DNS Service does not require new hardware or special software. Today, NeuStar’s intuitive web-based management portal offers increased management control and functionality to thousands of managed DNS customers worldwide, and all DNS changes are propagated globally in near-real time.

“DNS is ideally suited to the use of an IP Anycast infrastructure because the vast majority of DNS queries are sent using the User Datagram Protocol (UDP) as their transport mechanism,” said Steve Crocker, CEO of Shinkuro, Inc., a start-up company focused on dynamic sharing of information across the Internet. “UDP is a ‘best-effort’ protocol, and as such cannot guarantee delivery. By using IP Anycast to bring the answer for a DNS query even closer to the end user, it becomes far more likely that the query will reach its destination and be responded to quickly. Rodney’s innovation is now industry best practice and a major contribution to the development of the Internet.”