by randall 4757 days ago
Anyone know how to make DNS redundant? Is it as simple as adding them as extra nameservers, and then copying all the records? I'm thinking about using Linode's DNS as a failover.
2 comments

There are two important steps:

1. Adding NS records to the parent zone via your registrar. E.g. if you are using example.com, when you add nameservers with your registrar they add them to the ".com" zone.

2. Update the NS records in your own copies of the zone on your DNS providers.

If your registrar is also one of your DNS providers, then both of these steps are sometimes handled in one action from your registrar - but you still need to update the NS records on the other provider.

"NS" record sets are special in DNS in that there is a copy of the NS record for a particular zone in both the parent zone and the child zone. About 8% of resolvers consider the parent zone's copy the one that matters; the other 92% honour whatever is in the child zone's copy.

This can lead to confusing cases where you have different NS configurations on different providers - the resolver may "stick" to whichever one it found first (as long as both providers are in the parent zone). DNS can be maddening!

Full-disclosure: I'm a Route 53 developer.
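The two-copy problem described in the comment above is easy to check for. The following is an added example, not code from the thread or from any provider: it compares the NS set the parent zone delegates to with the NS set each provider publishes at the zone apex, and reports which nameservers a "parent-trusting" resolver would find that a "child-trusting" resolver would not (and vice versa). The dig output it parses is constructed sample data; the zone, provider and nameserver names are placeholders.

```python
# Added example (not from the thread): detect a parent/child NS mismatch.
# The inputs are constructed samples in the style of `dig +noall +answer`.
# To check a real zone you would feed in the output of, e.g.:
#   dig +norecurse @a.gtld-servers.net example.com NS   (parent zone's copy)
#   dig +norecurse @ns1.provider-a.example example.com NS (child zone's copy)
import re
from typing import Dict, Set

# Constructed sample: the .com delegation already lists both providers ...
PARENT_DIG = """\
example.com.   172800  IN  NS  ns1.provider-a.example.
example.com.   172800  IN  NS  ns2.provider-a.example.
example.com.   172800  IN  NS  ns1.provider-b.example.
example.com.   172800  IN  NS  ns2.provider-b.example.
"""

# ... but provider A's copy of the zone still names only its own servers
# (step 2 of the comment above was skipped there; note the mixed case).
CHILD_DIG_A = """\
example.com.   3600  IN  NS  ns1.provider-a.example.
example.com.   3600  IN  NS  NS2.Provider-A.example.
"""

# Provider B's copy was updated and matches the delegation.
CHILD_DIG_B = """\
example.com.   3600  IN  NS  ns1.provider-a.example.
example.com.   3600  IN  NS  ns2.provider-a.example.
example.com.   3600  IN  NS  ns1.provider-b.example.
example.com.   3600  IN  NS  ns2.provider-b.example.
"""

# owner  TTL  IN  NS  target   (dig prints ';' comment lines, which never match)
NS_LINE = re.compile(r"^(\S+)\s+\d+\s+IN\s+NS\s+(\S+)\s*$", re.IGNORECASE)


def parse_ns_set(dig_output: str, zone: str) -> Set[str]:
    """Return the normalised (lower-case, trailing-dot) set of NS targets
    for `zone` found in dig-style output; other owners are ignored."""
    zone = zone.lower().rstrip(".") + "."
    found: Set[str] = set()
    for line in dig_output.splitlines():
        m = NS_LINE.match(line.strip())
        if not m:
            continue
        owner, target = m.group(1).lower(), m.group(2).lower()
        if owner.rstrip(".") + "." != zone:
            continue
        found.add(target.rstrip(".") + ".")
    return found


def delegation_report(zone: str, parent_output: str,
                      child_outputs: Dict[str, str]) -> dict:
    """Compare the parent's delegation with every provider's apex NS set.
    `missing_in_child` are servers only parent-trusting resolvers will use;
    `missing_in_parent` are servers only child-trusting resolvers will use."""
    parent = parse_ns_set(parent_output, zone)
    report = {"zone": zone, "parent": sorted(parent),
              "consistent": True, "providers": {}}
    for provider, output in child_outputs.items():
        child = parse_ns_set(output, zone)
        missing_in_child = sorted(parent - child)
        missing_in_parent = sorted(child - parent)
        ok = not missing_in_child and not missing_in_parent
        report["providers"][provider] = {
            "child": sorted(child),
            "missing_in_child": missing_in_child,
            "missing_in_parent": missing_in_parent,
            "consistent": ok,
        }
        if not ok:
            report["consistent"] = False
    return report


if __name__ == "__main__":
    r = delegation_report("example.com", PARENT_DIG,
                          {"provider-a": CHILD_DIG_A, "provider-b": CHILD_DIG_B})
    print("parent delegation:", ", ".join(r["parent"]))
    for name, p in r["providers"].items():
        status = "OK" if p["consistent"] else "MISMATCH"
        print(f"{name}: {status}")
        for ns in p["missing_in_child"]:
            print(f"  {ns} is delegated by the parent but absent from {name}'s zone")
        for ns in p["missing_in_parent"]:
            print(f"  {ns} is in {name}'s zone but not delegated by the parent")
```

Run it against real dig output from each provider's servers after every nameserver change; a provider whose apex NS set still lacks the other provider is exactly the "resolver sticks to whichever copy it found first" situation the comment warns about.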

This is unfortunately a bit tricky as DNSimple doesn't let you update your NS records for the root domain with them. My computer seems to be going through DNSimple still, but Pingdom went via iWantMyName to find my new Route 53 nameservers. Not sure what I can do for now though.
Yes. You can do master-slave with AXFR but it doesn't seem very well supported nowadays. I remember 1 provider that let you put in your AWS credentials and they'd sync to Route53 using the API, though I can't find which one right now. Different providers offer different solutions...a lot don't offer anything.

Of course, you can always do it manually... which is fine if you have few records and they are static.

edit: Kept googling and I did find http://www.dnsly.net/ neat enough that I wanted to share it, even though I think DNS providers should be doing this as part of their existing packages.

Also, although it's no guarantee, DNS providers that use anycast are less susceptible (but not invulnerable) to DDoS.