News

Your domains are safe!

2020-04-08 Blog

The country code top-level domains (ccTLDs) of Europe are safe. The current increase in traffic to our servers has been small. This is down to technical reasons, as ISPs take the majority of that traffic and so very little trickles down to us. Having said that, even if traffic did increase significantly, like 100 times more, we have the capacity to handle it. Read on to know why and how we achieve this.

The current crisis has sparked an interest in the reliability of our networks. We have heard about networks running at capacity and video companies lowering picture quality to preserve network bandwidth. Politicians on all levels have asked internet providers to up their game, stabilise their network and deliver more. Free access for everybody has been proposed in many countries and some network owners have suspended data caps for all their customers.

Our internet providers have (mostly) done their homework. We have not heard of any big network outages. Data traffic has increased dramatically, but the networks have been able to take the pressure and deliver.

When you access the internet, independently of what you intend to do, most likely you will use a domain name like europa.eu. Your computer will use what we call the Domain Name System (DNS) to translate that name into an IP address that the computer needs to access the internet.

How does the DNS hold up under pressure?

You might think that so much more internet activity would mean much more traffic for the DNS. And there is of course much more traffic, but due to the nature of the DNS, with many caches in between, the traffic at higher levels does not increase proportionally. Additionally the DNS has more than 20 years of experience in dealing with DDoS attacks.

European ccTLDs have for many years worked diligently to secure the integrity, reliability and availability of their services. We have been at the forefront of introducing DNSSEC to ensure the integrity of the information we provide. We also all use a technology called anycast, that gives us the ability to place servers all over the world to provide redundancy and availability in all parts of the world.

Some ccTLDs have implemented their own anycast network. Some ccTLDs use the services of other anycast providers. But they all have one thing in common: many servers in a lot of different places. Some of us even have servers in internet provider networks to secure the access to domain names for the customers of the internet provider. Even if everything around failed, the customers of these providers would still be able to access the internet as if nothing had happened.

How can we be sure that we can handle the traffic?

For most ccTLDs normal traffic could be handled by any laptop in the office. This would of course be irresponsible, and nobody would do that, but theoretically it is possible. Given the amount of server capacity we have all deployed to handle our traffic, even a tenfold increase would still leave us with high margins of reserve capacity.

Please have a look at this publication from SIDN (.nl). The increase in their traffic has only been around 25%. This means it has not even doubled! Unlike the case for videos, the DNS has a built-in capability to handle the increase in traffic on several levels.

ISPs and other network operators

Network operators like ISPs usually provide a DNS service for their customers. Their servers are the first line of the DNS to handle the larger amount of traffic. But even here it is unlikely to cause a major problem. More traffic does not mean that network operators need to scale their services in a linear way. Many people ask the same questions which translates to much less work for the servers and therefore the ability to handle the traffic even when it spikes or increases permanently.

The speed of DNS answers is very important for operators. Strangely enough it is that speed that defines if consumers recognize their connection as fast or slow. And if the DNS service did not answer, for most people it would mean that the internet is down. So all (most) network operators make sure their DNS service is working.

Hosting providers

Another party of huge importance in the DNS world is hosting providers. It is the availability of their servers that in the end guarantees the availability of your domain. Many years back this would have been a problem. But over the last decade we have worked with hosting providers (and other providers of name server services) to make their service more reliable. As a result, today we can say with confidence that even your hosting provider will most likely withstand any increased traffic arriving at their servers.

Finally...

As I said in the beginning, your domains are safe! Current traffic levels are not even close to anything to worry about. But that does not mean we are not alert. We actually do watch traffic levels constantly, because we do not only want to deliver a reliable service. Our service should be fast too!

By Ulrich Wisser, Co-chair of the CENTR Technical Working Group