The Domain Name System (DNS) is widely referred to as the phonebook of the Internet. Just like buildings have addresses, all web pages have web addresses known as URLs. Within those URLs are domain names: we access information online through domain names such as google.com or wearewibble.com. Web browsers, however, interact through IP addresses. DNS translates domain names to IP addresses so web browsers can load websites (meaning you don’t have to remember the IP address of every website you want to view).
Wibble is a leading Belfast web design and web development studio but we also have a huge number of sites that we manage and support. Part of that managed WordPress support is DNS management. For 99% of our sites, we take responsibility for the DNS management – this ensures we have full access to DNS records should we need to change things and also, as detailed below, allows us to offer amazing features through Cloudflare DNS that most DNS hosts can’t offer.
Here at Wibble, we use Cloudflare, which is the industry leader for DNS management, SSL/TLS support, and lots of other performance, security and reliability features. When visiting a website without Cloudflare, the website visitor requests content from a server. When there are too many visitors on the server at the same time, the server can become overloaded, resulting in a slow or non-working website.
As the owner of the website, this is not something you would like to see, which is why Cloudflare invented a solution for this. Cloudflare places its own servers, in the form of an enormous worldwide network, between the website and web server. Website visitors no longer communicate directly with the server, but with the Cloudflare network, which has already stored the website content. The content is then loaded from a server chosen according to the location of the visitor. This is part of a global network known as a Content Delivery Network (CDN), which is part of the reason why we get faster loading websites.
Bob has a website that’s hosted in France, and Jack from Canada tries to connect to Bob’s website. The request has to cover a big distance (between website and web server). Cloudflare solves this by offering a huge network of servers around the world. Jack doesn’t have to make a connection with the French server anymore, but he will connect with the nearest Cloudflare server somewhere in Canada.
How do Wibble use Cloudflare to manage DNS records?
Within Cloudflare, we manage lots of different sites set up in numerous accounts. We set up a parent account that holds lots of A records which connect to a specific server on our hosting platform. These A records are proxied which means Cloudflare’s IP addresses are returned in DNS queries instead of the original server IP address. This allows Cloudflare to optimise, cache, and protect all requests for the website. Without using the Cloudflare proxy, the traffic passes through the Cloudflare network directly to the host server, without the features such as CDN, DDoS protection etc.
An example of how we try to approach things differently is our approach to A record management for all our sites that we manage. We have adopted an approach that uses CNAMEs pointing to a subdomain of ours as a way of controlling all our A records in one place. We bought and use the domain wibble.host to manage all our DNS IP addresses.
Why did we do this? If we have 100s of sites all with individual A records pointing directly to our IPs and these have to change suddenly, the process of individually updating them all would be a huge one. This approach allows 100s and 1000s of our sites to all point to one location or CNAME, and if these all have to be changed, we make the change once and the A records for the 1000+ sites are updated in one move. This is Wibble pre-empting an issue that has never happened and may never happen, but which we know would cause significant downtime if it were to arise.
So when we are adding a site to our managed WordPress service, we create a CNAME record for the domain which points to the previously created A record. Using the Cloudflare proxy again adds a layer of security for the IP address, almost like a nesting approach. These records are all simply subdomains of “wibble.host”. The A record “13” will actually be “13.wibble.host” when given its full name.
Below is the process illustrated for our own website – we use a CNAME for the wearewibble.com domain to point to 13.wibble.host which will target the IP address of the end server.
So in essence, if you were to type ‘13.wibble.host/services’ into your address bar, you will be taken to https://www.wearewibble.com/services/ and be able to see the services offered at Wibble.
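The CNAME-to-hub layout described above can be checked mechanically. The following is an added example, not Wibble's or Cloudflare's own code: it audits a constructed zone export for sites that bypass the hub with a direct A record and for names where no record in the chain is proxied, then shows a single hub change propagating. The names client-a.example, client-b.example, legacy.example and 14.wibble.host are hypothetical, and the rule that a name answers with Cloudflare addresses once any hop in its chain is proxied is an assumption of this sketch.

```python
# Constructed sample zone data. Field names follow Cloudflare's DNS record
# objects (name, type, content, proxied); IPs are documentation addresses.
HUB_ZONE = "wibble.host"
RECORDS = [
    {"name": "13.wibble.host", "type": "A", "content": "203.0.113.10", "proxied": True},
    {"name": "14.wibble.host", "type": "A", "content": "203.0.113.20", "proxied": False},
    {"name": "wearewibble.com", "type": "CNAME", "content": "13.wibble.host", "proxied": True},
    {"name": "client-a.example", "type": "CNAME", "content": "13.wibble.host", "proxied": False},
    {"name": "client-b.example", "type": "CNAME", "content": "14.wibble.host", "proxied": False},
    {"name": "legacy.example", "type": "A", "content": "203.0.113.10", "proxied": True},
]

def resolve(name, records, max_hops=8):
    """Follow CNAMEs to the final A record; return (ip, records_in_chain)."""
    by_name = {r["name"]: r for r in records}
    chain = []
    for _ in range(max_hops):
        rec = by_name.get(name)
        if rec is None:
            raise LookupError(f"dangling target: {name}")
        chain.append(rec)
        if rec["type"] == "A":
            return rec["content"], chain
        name = rec["content"]
    raise LookupError("CNAME chain too long or looping")

def audit(records):
    """Map each site outside the hub zone to a list of findings."""
    findings = {}
    for r in records:
        if r["name"].endswith("." + HUB_ZONE):
            continue
        issues = []
        _, chain = resolve(r["name"], records)
        if r["type"] == "A":
            issues.append("direct A record, will not follow a hub change")
        if not any(hop["proxied"] for hop in chain):
            issues.append("no proxied hop, DNS answer is the server IP")
        if issues:
            findings[r["name"]] = issues
    return findings

def repoint_hub(records, hub_name, new_ip):
    """Return a copy of the zone with one hub A record changed."""
    return [dict(r, content=new_ip) if r["name"] == hub_name and r["type"] == "A"
            else r for r in records]
```
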
Types of DNS Records
There are lots of DNS records that all play their part in the functioning of a website, the most common records being:
- NS records, which identify the DNS servers responsible for a specific zone; essentially the NS record houses all of the other DNS records,
- A records, which translate domain names to IP addresses,
- AAAA records, which specify the IPv6 address for a host, similar to an A record,
- CNAMEs, which are domain name aliases,
- MX records, which are used to specify the e-mail server responsible for a domain name.
DNS clients on connected devices reach out to DNS servers to retrieve these records. Web browsers rely on an “A” type record, while the “MX” record points the direction towards a mail server. This is how it’s possible to host a website with one service provider and email service at another.
How is the internet really connected?
In the example of Jack trying to access a website on a French server, you might be thinking “how would the distance between website and web server matter? Does this not all magically happen in the cloud?”. The simple answer is no. The internet is a composition of a few hundred physical fibre cables laid on the ocean floor which connect two or more landing points in countries.
If you want to see how you are connected to different countries, you can take a look at the submarine cables map here https://www.submarinecablemap.com/
How did Facebook go down?
During the few hours that Facebook and all related apps went down in October, we were being told that it was a DNS issue. But while DNS seemed to be a symptom of the failure, the true cause is that there were no Border Gateway Protocol (BGP) routes into any of Facebook’s sites. So while DNS is essentially the address system for the location of each website – its IP address – BGP is the roadmap that finds the most efficient way to get to that IP address. In plain English, nothing was lost during the outage; the chain between servers, networks and users was broken and requests were not able to be made.
And because Facebook uses its own internal network for everything, including office access and email, communication became an issue, which resulted in having to use text messages and Outlook. Engineers’ badges to access doors were also not working, which helps to explain why the outage was so prolonged.
Cloudflare and Wibble’s managed support
The use of the industry-leading security features that come with using Cloudflare as your DNS host forms a major part of Wibble’s website security profile. By default, we push all connections to our websites through the Cloudflare network and avail of the protections that come along with that. Using Cloudflare as our DNS host is a critical part of our multi-faceted approach to keeping all our websites secure and protected. Along with the security features, it allows us to make sites faster, and when changing A records or adding new records we have found that these changes take minutes as opposed to hours. Using Cloudflare as our DNS provider is a no-brainer for us.