One DNS Provider is Not Enough!

Nico Cartron
Published May 27, 2025

The domain name system (DNS) is one of the most important protocols on the Internet. It’s often referred to as “the phonebook of the Internet” (although most DNS experts despise this description).

Put simply, DNS makes it easier to navigate the Internet by enabling users to type in domain names rather than numerical IP addresses. For instance, if you want to visit the F5 website, rather than memorizing the physical address (IP address) of F5’s web server, you can simply type "www.f5.com" into your web browser, and DNS will handle providing your operating system with the IP address for the F5 website.

DNS is an interesting beast: it is an old protocol (the first RFC dates back to 1987) that did not change for a while, but in recent years it has received a lot of interesting changes aimed at enhancing security, with augmentations like DNS over TLS (DoT) and DNS over HTTPS (DoH).

Preventing DNS outages

Another well-known saying amongst DNS people is, “It’s always DNS.” While, of course, that’s not always the case, it is true that when DNS has hiccups, they are noticed immediately.

Recent DNS outages, such as the ones experienced by Zoom (April 2025) or Cloudflare (July 2024), clearly confirm that outages in general, and DNS outages in particular, do happen, no matter how redundant systems are. Whether the cause is a routing issue, a software bug, or a misconfiguration introduced by humans, it is almost impossible to guarantee that a system will always be up and running.

How do we mitigate this?

The easiest way to prevent a DNS outage from taking your online presence completely offline is to use multiple DNS providers.

DNS, as a protocol, has built-in mechanisms that allow the addition of secondary DNS services through the use of zone transfers.

This means that whenever a change is made on your primary DNS provider, a notification (NOTIFY) message will be sent to your secondary provider(s), which will then request the latest changes.

Adding a secondary DNS service can improve availability and resilience of DNS, while reducing the load on your primary DNS service.

Advantages of having multiple DNS providers

In addition to having a “Plan B” whenever something happens on one of your DNS providers, having other DNS providers in your environment provides the following benefits:

  • Software diversity: Provider B will likely use different DNS software than Provider A — if a bug hits A, it won’t (hopefully) affect B.
  • Network redundancy: DNS providers serve DNS requests out of their own network, meaning that even if the DNS service itself is still up, a network outage will make it unreachable. Having a second DNS provider that uses a different network/ASN (autonomous system) helps mitigate that.
  • Latency: Low latency is critical to getting fast DNS answers; however, some networks have better latency in specific regions than others — having another provider can help with obtaining good latency across the globe.
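
A check you can run against your own zone, covering both the NOTIFY/zone-transfer sync described earlier and the provider/ASN diversity listed above. This is an added example, not F5 code: the names, provider labels, ASNs and serials are constructed, and it assumes you have already collected each authoritative server's SOA serial (for instance with `dig +short SOA <zone> @<nameserver>`).

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class NsObservation:
    nameserver: str   # authoritative server name (constructed)
    provider: str     # operator label you assign (assumption)
    asn: int          # origin AS of the server address (documentation range)
    soa_serial: int   # serial from that server's SOA answer


def serial_gt(a: int, b: int) -> bool:
    """RFC 1982 serial arithmetic on 32 bits: True if a is newer than b."""
    return a != b and ((a - b) % 2**32) < 2**31


def audit(observations, primary_ns):
    """Return findings about provider diversity and secondary sync."""
    primary = next(o for o in observations if o.nameserver == primary_ns)
    findings = []
    # Diversity: one operator or one network is a single point of failure.
    if len({o.provider for o in observations}) < 2:
        findings.append("single-provider")
    if len({o.asn for o in observations}) < 2:
        findings.append("single-asn")
    # Sync: after a NOTIFY, every secondary should reach the primary's serial.
    for o in observations:
        if serial_gt(primary.soa_serial, o.soa_serial):
            findings.append(f"stale:{o.nameserver}")
        elif serial_gt(o.soa_serial, primary.soa_serial):
            findings.append(f"ahead-of-primary:{o.nameserver}")
    return findings


# Constructed sample: provider B has not yet picked up the latest change.
SAMPLE = [
    NsObservation("ns1.provider-a.example", "provider-a", 64500, 2025052703),
    NsObservation("ns2.provider-a.example", "provider-a", 64500, 2025052703),
    NsObservation("ns1.provider-b.example", "provider-b", 64501, 2025052701),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, "ns1.provider-a.example"):
        print(finding)
```

A `stale` finding that persists past the zone's SOA refresh interval usually means NOTIFY messages or transfer requests are not getting through between the providers.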

How F5 can help

Don’t wait for the next DNS outage to investigate what you can do! F5 offers primary and secondary DNS services through our Anycast network, safeguarded by F5 Distributed Cloud Services. Check out this article to learn more: The Power of &: F5 Hybrid DNS solution | DevCentral