O'Reilly logo
live online training icon Live Online training

Leveraging multiplatform DNS for web application resiliency

Sponsored by Oracle Dyn

Matt Torrisi

The threat to an organization’s DNS has never been more pronounced, and the operations community is furiously working to protect against attacks and other types of service disruptions. The most obvious way to increase DNS resiliency comes through having multiple providers. However, this isn’t as simple as adding a secondary or alternate DNS service. As service disruptions become increasingly prevalent, your management of multiple DNS instances must become more sophisticated. Understanding how multiple vendors and systems can work in unison—rather than creating silos or reducing strategic capabilities—is pivotal to effective asset management.

Join Matt Torrisi to learn how to implement multiplatform DNS. Along the way, Matt covers the important criteria in assessing DNS network compatibility and demonstrates how to use DNS as a traffic-steering platform. You'll also create an optimized traffic flow diagram for your organization’s domain so you can communicate the concepts you’ve learned in this session with your own team.

What you'll learn-and how you can apply it

By the end of this live, online course, you’ll understand:

  • How traffic is decided on multiplatform DNS delegations during normal operation and during failure states
  • Important criteria in assessing DNS network compatibility
  • How to use DNS as a traffic-steering platform for higher-level traffic

And you’ll be able to:

  • Articulate the high-level narrative of multivendor DNS and why it is important for domain resilience
  • Identify areas of risk for domain resolution
  • Apply DNS traffic patterns to enable scalable multivendor DNS solutions with even the tallest zones and most complex traffic-steering solutions
  • Deploy DNS with confidence across multiple platforms

This training course is for you because...

  • You're an experienced solution architect, network engineer, member of a reliability or engineering team, or an operations leader charged with building and supporting highly reliable enterprise applications, and you need to start leveraging cloud infrastructure for your solutions.
  • You want to understand how to craft scalable traffic flows for your domains that utilize GSLB.
  • You're responsible for an enterprise solution using a single DNS solution, and you want to understand how to build redundancy into your delegation.
  • You need to start migrating your existing solutions to cloud-based DNS.

Prerequisites

  • A working knowledge of authoritative DNS

Required materials and setup:

  • An exported zone file to use for the hands-on exercise (Be sure you have some understanding of the critical hosts within it, especially if those hosts already have traffic steering functionality in the current environment.)

About your instructor

  • Matt Torrisi is an experienced solution architect within the Oracle Cloud Infrastructure edge services group. He has spent the last seven years advising companies from the smallest startups to the largest global enterprises on how to optimize their infrastructure posture and ensure brand resilience.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing

How internet volatility is impacting web application performance (40 minutes)

  • Lecture: The importance of DNS to both traditional and cloud-native organizations; DDoS attacks on DNS and their evolution; actors and responsibilities of the DNS ecosystem; anatomy of a DNS query and response; changes in risk profiles during outsourcing and insourcing operations

How to build resilient infrastructure for high-performance DNS (40 minutes)

  • Lecture: Secondary DNS isn’t just a backup—the case for multiple DNS platforms; using zone file management to keep multiple vendors in sync; the pros and cons of including internal NS in a public delegation; vendor evaluation criteria for inclusion in a long-term multivendor DNS strategy

Break (10 minutes)

Designing a multilayer, multiplatform solution (40 minutes)

  • Lecture: Using DNS for traffic steering—capabilities and caveats; using management zones to move traffic steering capabilities off a zone; a comparison of centralized management zones and cuts in authority; keeping response behavior equal across multiple providers with proprietary solutions; introduction to tool-based orchestration and common libraries

Break (10 minutes)

Optimizing your zone file for multiplatform DNS (30 minutes)

  • Hands-on exercise: Take one of your own zones and apply the management zone techniques to develop a draft traffic steering flow in a multilayer, multiplatform environment

Wrap-up and Q&A (10 minutes)