by latch 4214 days ago
I need to learn to let things go, but: https://news.ycombinator.com/item?id=4280515

I've been a DnsMadeEasy customer for a while (they had an outage ~4 years ago from a 50Gbps attack), but once my year is up, I'm switching to Route53. The addition of the Geo DNS Queries was key for me. It isn't clear to me why I shouldn't pick Route53. DnsSimple's unlimited queries seem nice, but I kinda like having actual scaling costs forwarded to customers.

3 comments

I've had a similar thought RE using Route53 for Neocities. Here's the problem with Route53 though. If you get a DDoS attack using it, it's quite plausible that you would be charged for resources used in the DDoS attack. A recent Vice article discussed this: http://motherboard.vice.com/read/inside-the-unending-cyber-s...

DDoS is a nasty problem. We've received a DDoS attack that shut the entire site down for days. We can't use Cloudflare because they don't support wildcard domains without their very expensive plan. I've also heard stories from people using Cloudflare that have still not been able to resolve DDoS issues (I'm not knocking Cloudflare, they're a great company that does a really good job fighting this very hard problem, but sometimes even they have trouble with it).

I'll be completely honest and say that I have no idea how to solve this problem. It's really, really, really hard. Switching to different service providers won't get you very far against the monster DDoS attacks that some people can execute.

If you're going to go the Amazon route then you absolutely need to keep an eye on billing, and set up alerts so that any DDoS which caused a spike in your costs would be caught as soon as possible.

I was burnt by this in the first 48 hours of using Amazon DNS. Very unlucky I guess... I'm amazed they still bill for DDoS traffic, or even traffic from black-listed IPs. It seems many of their competitors don't.

I really don't understand why some of these low-grade DNS hosting services are so popular when Route53 is available. With Route53 you get a top-grade DNS service that is equivalent to, if not better than, the enterprise hosted DNS solutions but at the price of the low-end consumer style services.

I swear by Route53, it is the only service I use on AWS and I have moved a lot of my clients over to it.

I agree, but there are some low-end DNS providers which have good services that give you more "domains" for less than what it costs with Route53. I use Route53 for a lot of my sites, but for tiny client sites (and personal stuff which has lots of domains), it's hard to beat $60 a year for 25 domains at DNSMadeEasy. That's less than half of what it costs to use AWS for the same number of zones. Granted, the price drops after those 25 on Route53, so if you have thousands of zones in one account, best to use Route53. Just as an example of an edge case.
"and even then you can still be screwed if your bandwidth is saturated"

Which is exactly what happened in this case. It sucks to be on the receiving end of this. We couldn't defend against it and let our customers down, and that hurts me deeply. We chose one approach to defense, which was internal, and that was a mistake. We're going to work on rectifying that now.