What would you do if you had a ready-made DNS cloud solution at your fingertips?
As recently announced, ORION-connected institutions have a world-class, secondary DNS solution at the ready. The .CA D-Zone Anycast DNS service, managed by the Canadian Internet Registration Authority (CIRA), is available to all users, free of charge. This service features an unmatched authoritative DNS footprint within Canada, shorter query times, and improved DDoS protection for your most important traffic.
Best of all, the service can be started with a single email to CIRA’s support desk and can be configured in a matter of minutes.
Miles von Hausen, Network and Data Security Analyst at the Waterloo Region District School Board recently set up D-Zone for his organizations – we caught up with him to learn about his experience with the service.
Why did you choose D-Zone as your secondary DNS provider?
As an administrator for DNS services at WRDSB, I’ve always wanted to make our public DNS more robust and bullet-proof by utilizing a ‘cloud’ offering. I’ve had lots of different options and ideas, but none were quite right or I got busy and the solution was put on the back burner for a later date.
In the summer of 2015, a colleague working at a municipality mentioned a service he was using that provided global Anycast DNS for public-facing name servers, but retained the local servers as masters. It sounded good and when he also mentioned the reasonable cost, I decided to look into it further.
Enter D-Zone by CIRA. What I found was a simple, Canadian solution to many of my DNS concerns.
What are the benefits of being an ORION-connected institution?
As an ORION user, it was included with our ORION service. To take advantage of the full package was a no-brainer for me.
How easy was it to configure your first zones?
A quick information web-meeting and reviewing the support documentation explained the elegant setup and the work required for implementation. We decided to test a ‘quiet’ zone or two and then implement on the rest of our busier zones.
It was even easier than I imagined: a quick change to our bind configuration, and we were ready to test a zone transfer. We decided on a couple of test zones, the whole process couldn’t have taken much more than an hour.
After verifying the operation with some zone data changes, we updated our domain registrar to point to the D-Zone servers. A couple more days to make sure all was good, and we were ready to implement on our main domains. Again, only a little bit of work was needed to make the changes.
Just in case, we also had a roll-back plan ready, because you never know!
Any further tips for other ORION connected institutions?
I’m certainly very happy with this solution. It gives us a lot of piece-of-mind and takes the million-plus weekly queries off our servers and distributes them across the globe. The easy-to-use dashboard provides a view of your domain status and which servers are responding to queries.
If you’re waiting to implement this service, my advice would be to just get online. Take advantage of this opportunity. You’ll be glad you did.
To inquire about this service, please contact your community development representative or email: communitydev@orion.on.ca.