This post is about Authoritative Name Servers.
Your website or app’s DNS servers, or Authoritative Name Servers, should be hosted with a DNS hosting provider that provides great speeds and is reasonably secure, and you should have some form of redundancy.
As DDoS, or Distributed Denial-of-Service, attacks become a more common scenario, choosing a reliable, high-quality DNS service becomes very important to provide your website with redundancy, speed, and better security.
What is DNS?
As already discussed in the DNS Explained post, DNS or Domain Name System is kinda like the phone book of the Internet, providing users with the IP address of the websites, like google.com, that they are trying to connect to, so that their browsers can establish a connection and get data.
We will be discussing DNS hosting providers, or hosting providers of Authoritative Name Servers. These Authoritative Name Servers have access to the actual IP address of the website, helping users to connect to your website or app.
Why Reliable DNS Hosting is Important?
A DNS hosting provider is responsible for providing the authoritative name servers mentioned in steps 6 and 7 above (e.g. ns1.google.com, ns2.google.com, etc.). These name servers hold all the information about your website that is necessary for its basic functioning.
You should use a reliable DNS hosting provider to make sure your website doesn’t go down abruptly, can be accessed faster by people all over the world, and is a bit more secure. Here are a few reasons to choose a reliable DNS hosting provider:
Your authoritative nameservers act as a single point of failure for your online business. DNS hosting providers give you the option to configure a secondary nameserver that will be used in case the primary authoritative nameserver is down.
Using multiple DNS providers gives you redundancy and peace of mind. The most common approach is to configure one of the DNS providers as primary and the other as secondary, slave to the primary provider, which means that your zone records are synchronized from the primary to the secondary.
This approach mitigates the issue: when, say, a DNS lookup to your primary DNS server fails and times out, the resolver queries the next DNS server until the correct IP address is returned or it is unable to resolve the DNS query, in which case the browser shows a “This webpage is not available” error.
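The redundancy and primary-to-secondary synchronization described above can be audited with a short script. This is an added example, not code from the original post: the nameserver hostnames and SOA serials are constructed sample data, and grouping servers by the last two labels of their hostname is an assumption about how providers name their servers.

```python
from collections import defaultdict

# Constructed sample: SOA serial each authoritative server answered with.
# Hostnames and serials are made up; None means the server did not answer.
SOA_BY_NAMESERVER = {
    "ns1.primary-dns.example": 2024051502,
    "ns2.primary-dns.example": 2024051502,
    "ns1.secondary-dns.example": 2024051401,
}


def provider_of(ns_host):
    # Assumption: the last two labels of the NS hostname identify the provider.
    return ".".join(ns_host.rstrip(".").lower().split(".")[-2:])


def audit_delegation(soa_by_ns):
    """Return findings about nameserver redundancy and zone synchronization."""
    findings = []
    by_provider = defaultdict(list)
    for host in soa_by_ns:
        by_provider[provider_of(host)].append(host)
    if len(by_provider) < 2:
        findings.append("single provider: " + ", ".join(sorted(by_provider)))

    for host, serial in sorted(soa_by_ns.items()):
        if serial is None:
            findings.append(f"no answer: {host}")

    answered = {h: s for h, s in soa_by_ns.items() if s is not None}
    if answered:
        # Simplification: plain max() ignores serial-number wraparound.
        newest = max(answered.values())
        for host, serial in sorted(answered.items()):
            if serial != newest:
                findings.append(
                    f"stale zone: {host} serves {serial}, newest is {newest}")
    return findings


if __name__ == "__main__":
    for finding in audit_delegation(SOA_BY_NAMESERVER):
        print(finding)
```

A stale serial on the secondary means a failover would serve old records, so the secondary gives less protection than it appears to.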
There is caching done by your DNS resolver, which may be your ISP or any other Resolving Name Server (I recommend you switch to an Encrypted DNS Resolver for better privacy and speed), but this cache expires after a set amount of time determined by TTL or time-to-live.
It is usually recommended to have a longer TTL for DNS records, which seems like pretty good advice, as this means the DNS resolver will store your records for a longer time and users will still be able to access the website even if your DNS provider is down. But it can backfire if you change your DNS records, because resolvers keep serving the old records until the cached copy expires.
Speed is another reason why you should use a DNS provider that has good servers all around the world, as this ensures less latency between the DNS lookup and TTFB (Time To First Byte). You can check your website’s DNS lookup time and TTFB using web.dev or GTmetrix.
Most of the DNS hosting providers have multiple PoPs or point-of-presence to provide faster DNS lookups from a close server location, hence decreased latency and faster speed.
However, most DNS queries get a response from the cache present in the user’s browser, the operating system, or the DNS resolver, which reduces the load on the DNS servers.
DDoS, or Distributed Denial-of-Service, attacks are becoming a very common scenario. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019.
DDoS attackers flood your DNS servers with requests, in an attempt to cause a denial of service for legitimate traffic. You can use a DDoS mitigation provider like Cloudflare or Akamai to mitigate this attack.
An NXDOMAIN attack, similar to a DNS flood attack, is also a DDoS attack in which attackers flood your DNS servers with requests for records that don’t exist, in an attempt to cause a denial of service for legitimate traffic.
This is why using multiple DNS providers that have mitigation services is incredibly important, a lesson the team at Canopy.co learned when a DDoS attack took out their DNS provider.
A lot of free DNS hosting providers come with great features like firewall policies, rate limiting, filtering, and blocking that can help mitigate a DDoS attack on your website. And having a secondary DNS provider means that even if your primary one is taken down, your website will keep on working.
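On the detection side, an NXDOMAIN flood shows up in authoritative query logs as a window where most answers are NXDOMAIN and almost every failing name is different. The following is an added example, not part of the original post: the log format ("epoch client qname rcode"), the sample lines, and the thresholds are all constructed for illustration.

```python
from collections import Counter, defaultdict

BASE = 1700000040  # constructed epoch, aligned to a 60-second boundary


def build_sample():
    """Constructed query log: one normal minute, then one flood minute."""
    lines = [f"{BASE + i} 192.0.2.{i % 5 + 1} www.example.com NOERROR"
             for i in range(20)]
    lines.append(f"{BASE + 30} 192.0.2.9 wwww.example.com NXDOMAIN")  # a typo
    lines += [f"{BASE + 60 + i} 198.51.100.{i % 4 + 1} x{i:05d}q.example.com NXDOMAIN"
              for i in range(40)]
    lines += [f"{BASE + 65 + i} 192.0.2.{i + 1} www.example.com NOERROR"
              for i in range(5)]
    return lines


def nxdomain_windows(lines, window=60, min_queries=20, max_ratio=0.5):
    """Flag time windows whose share of NXDOMAIN answers exceeds max_ratio."""
    totals, nx = Counter(), Counter()
    names, clients = defaultdict(set), defaultdict(Counter)
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue  # skip malformed lines instead of failing the whole run
        ts, client, qname, rcode = parts
        bucket = int(ts) // window * window
        totals[bucket] += 1
        if rcode == "NXDOMAIN":
            nx[bucket] += 1
            names[bucket].add(qname.lower())
            clients[bucket][client] += 1
    alerts = []
    for bucket in sorted(totals):
        ratio = nx[bucket] / totals[bucket]
        if totals[bucket] >= min_queries and ratio > max_ratio:
            alerts.append({
                "window_start": bucket,
                "queries": totals[bucket],
                "nxdomain_ratio": round(ratio, 2),
                # Many distinct names: random labels, not one repeated typo.
                "distinct_nx_names": len(names[bucket]),
                "top_clients": clients[bucket].most_common(3),
            })
    return alerts


if __name__ == "__main__":
    for alert in nxdomain_windows(build_sample()):
        print(alert)
```

The flagged window and its top clients are the input a provider's rate limiting or filtering rules would act on.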
DNS Hosting Providers
Alright, here are the top free DNS Hosting Providers that you can choose from, listed in no particular order.
Cloudflare is one of the largest, if not the largest, free DNS hosting providers. It is a website-security company providing CDN services, DDoS mitigation, distributed domain name servers, and an encrypted DNS resolver, among other Internet security services.
Cloudflare is one of the fastest managed DNS hosting providers, which means you don’t have as much control, but they do provide you with additional security features like rate limiting, filtering, and blocking.
NS1 is another free DNS hosting provider, and they outperform many of the top players in the industry. NS1 offers a potent Filter Chain routing engine that helps you efficiently manage highly critical and demanding applications on the web.
NS1 provides automatic traffic management by leveraging your infrastructure and real-time network data to ensure a high level of reliability and performance. NS1 Developer Plans are free for life and include 500k queries and 50 records.
Hurricane Electric Internet Services
Hurricane Electric Internet Services is another free DNS hosting provider, with a solid network of DNS servers with hundreds of POPs (Point Of Presence), available across all of North America, Europe, Asia, Middle East, Africa, South America, and Oceania.
Hurricane Electric Internet Services’ free DNS service supports both IPv4 and native IPv6, sanity checking, slave support, multiple domains per account, among other features. It is a solid DNS provider that’s worth giving a shot.
Rackspace also provides free DNS services, but they are only available to current cloud server customers. Some main features of Rackspace’s DNS services include automated migrations, IP Anycast routing, load balancing, and flexible access via their cloud control panel and RESTful API.
NameCheap, the popular domain registrar, also offers free DNS hosting services that are fast and reliable. FreeDNS is the one available to people who aren’t Namecheap customers; if you are a Namecheap customer, you get to use BasicDNS for free. They also have a paid DNS service called PremiumDNS.
The FreeDNS service is adequate for most people, with support for Dynamic DNS and other features, but you should switch to BasicDNS or PremiumDNS to use DNSSEC.
DNS Records Explained
The information stored in the Authoritative Name Server is called DNS records or zone files; they contain the IP address associated with the domain along with other information required to handle requests for that domain.
Here are the most common types of DNS records:
- A or AAAA record — also known as “Address record” is used to store the IP address of the domain name. AAAA records are used for pointing to an IPv6 address while A records are used for IPv4 addresses.
- CNAME record — also known as “Canonical Name record” or Alias record is used to point a domain or subdomain from our domain to some external domain or to one of the current domains.
- MX record — also known as “Mail Exchange record” is used for routing of emails sent to your domain to relevant email servers.
- TXT record — also known as “Text record” is used to add arbitrary text to a domain name, usually used for verification by third parties.
- NS record — also known as “Name server record” is used to indicate the authoritative name servers, where the domain information is stored.
There are other types of DNS records, such as SOA, SRV, PTR, APL, CAA, and others.
- DNSPerf: Comparison of all commercial and enterprise DNS services, so that you can find a DNS hosting provider that is fast and has high uptime.
- SolveDNS: DNS speed comparison reports that are updated every month.
DNS Hosting Providers
There you have it, these are some excellent free DNS hosting providers out there with lots of features. Don’t wait until disaster strikes, choose a reliable and fast DNS hosting provider and set up a secondary DNS server for additional redundancy and to help mitigate and prevent DDoS attacks.
That’s all Folks!
I will be updating this page frequently with more DNS hosting providers and information. You can switch to an Encrypted DNS Resolver, which can help you get access to these IP addresses privately.
Do let me know of any feedback, tips, or suggestions based on the DNS hosting provider you are using. Feel free to drop a comment below!