In short, Anycast is a network addressing and routing method that routes a user's DNS query to the nearest server, reducing query time. By comparison, a traditional Unicast DNS network may route DNS queries to a distant DNS server on the other side of the world, adding latency. In the distant past all DNS providers operated Unicast DNS networks, but in the past decade or two it has become far more advantageous to operate an Anycast DNS network.
How exactly does Anycast DNS work?
Anycast relies on a little trick that can be used within the Internet's routing protocol (Border Gateway Protocol). Basically, the same IP address is assigned to multiple servers placed around the world, and the IP prefix is announced in BGP from all of these locations. Since BGP is designed to take the shortest and lowest-cost path to a destination, anyone querying an Anycast DNS server is routed to the server nearest them in routing terms, which is usually, but not always, the geographically nearest one.
What are some additional benefits of Anycast DNS vs Unicast DNS?
Scaling – Anycast DNS networks easily scale to meet increasing load, simply by adding additional DNS servers to the Anycast network. Anycast DNS networks can grow indefinitely, there’s no limit to how many servers can be added. Unicast, on the other hand, is seriously constrained in this area.
High Availability – As mentioned above, an Anycast DNS network uses a one-to-many approach. Multiple DNS servers have the same IP address, and the Internet's routing protocol (BGP) finds the nearest server to the source of the query. If a DNS server goes offline and its BGP announcement is withdrawn, queries simply route to the next nearest server; in practice each site health-checks its own DNS service and stops announcing the prefix when the service fails, so that a server which is up but not answering does not keep attracting queries.
Attack Protection – Anycast DNS also helps manage DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks. Because attack traffic from each region is routed to the nearest site, the load is spread across all the announcing sites instead of concentrating on a single server, and an attacker will find it very difficult to take down an Anycast DNS network.
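The following toy model, added here as an example and not part of the original article, illustrates the three points above: one prefix announced from several sites, a simplified BGP best-path choice per client network, failover when a site withdraws its announcement, and attack traffic spreading over the sites. The site names, private ASNs and AS paths are constructed, and only AS_PATH length is used as the tie-breaker (local preference, MED and IGP cost are ignored).

```python
"""Toy model of Anycast DNS routing: shortest-AS_PATH selection, failover
on route withdrawal, and attack traffic dispersion across sites."""
from collections import Counter

ANYCAST_PREFIX = "192.0.2.0/24"  # RFC 5737 documentation prefix (constructed)

# AS_PATH toward the anycast prefix as seen from each client network,
# per announcing site. Private ASNs and paths are constructed.
PATHS = {
    "client-eu":   {"ams": (64501,), "nyc": (64501, 64510), "sin": (64501, 64520, 64530)},
    "client-us":   {"nyc": (64511,), "ams": (64511, 64501), "sin": (64511, 64520)},
    "client-asia": {"sin": (64521,), "nyc": (64521, 64510), "ams": (64521, 64510, 64501)},
}


def best_site(client, withdrawn=frozenset()):
    """Simplified BGP best-path: among sites still announcing the prefix,
    pick the shortest AS_PATH (ties broken by site name). None if no route."""
    routes = {site: path for site, path in PATHS[client].items() if site not in withdrawn}
    if not routes:
        return None
    return min(routes, key=lambda s: (len(routes[s]), s))


def route_queries(clients, withdrawn=frozenset()):
    """Which site answers each client's DNS queries. A Unicast network would
    send every client to the single site hosting the address."""
    return {c: best_site(c, withdrawn) for c in clients}


def attack_spread(sources, withdrawn=frozenset()):
    """Count how many attacking sources land on each site: the attack is
    split across sites instead of concentrating on one server."""
    return Counter(best_site(src, withdrawn) for src in sources)


if __name__ == "__main__":
    clients = list(PATHS)
    print("normal routing:  ", route_queries(clients))
    # Site "ams" fails its health check and withdraws its announcement.
    print("ams withdrawn:   ", route_queries(clients, {"ams"}))
    # Constructed set of attacking networks, three regions.
    botnet = ["client-eu"] * 3 + ["client-us"] * 2 + ["client-asia"] * 4
    print("attack spread:   ", dict(attack_spread(botnet)))
```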