CloudFlare® outage: solutions and alternatives

Too big to fail does not apply in the world of servers. Regardless of your provider you need to have redundancy to achieve 100% uptime. It is all about avoiding the single point of failure.

CloudFlare® down?! It’s impossible!

The outage was a reality for many for half an hour. If you run an e-commerce website with an order every 20 seconds, it must have been painful.

Why do so many people use CloudFlare® in the first place?

The answer is simple: it is free and fast!

How could you limit such an outage in the future?

Unfortunately CloudFlare® does not allow secondary NS usage (which makes sense if you want to limit DDoS attacks, because you want to shield your main server as much as possible). However, you could have greatly limited the outage if you had not used the “Auto” TTL setting within CloudFlare®. There is actually nothing automatic about it: it is in fact a TTL of 300 seconds (5 min). If you had set a TTL longer than the duration of the outage, you could have greatly limited the impact on your users.

The Golden Rule: always set the highest TTL on all of your records.

That is: when you do not use the CloudFlare® proxy/CDN/cache

Shall you ditch CloudFlare®?

It all depends on your needs: if you run a personal website, then CloudFlare® is certainly the best. If you run a busy online shop and want to keep CloudFlare®, then you should at least apply the golden rule above. However, you can still consider the alternatives below.

What are the alternatives to CloudFlare®?

There are really two main groups:

  • Free alternatives
  • Paid alternatives

The free alternatives to CloudFlare®

Do not sign up for free trials or free plans that limit the number of queries per month: that will lead to a disaster! Once the limit is reached, the DNS requests will simply be left unanswered, taking you offline. It is also very easy to attack such websites and bring them down.

Most domain registrars include a free DNS service: you can easily use it and deploy it where you have registered your domain name. Bear in mind that when you transfer your domain names out, you are going to lose all of your DNS records… If you always renew at the same registrar, then there is no problem.

If you run 2 servers or more: you can deploy a cluster and serve your DNS from those different servers.

Finally the last alternative is to switch back to self-hosted DNS.

The paid alternatives to CloudFlare®

The best paid alternative is none other than Route 53 from Amazon AWS®. All other offers are either overpriced, obscure (prices unknown), or not redundant enough due to a low number of PoPs (Points-of-Presence). The deployment is so redundant that the engineers at AWS® use different domain extensions for the NS servers:

Look at those beautiful NS!

We have switched to it since the outage.
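The two checks argued for above (TTLs longer than the outage, name servers spread across domain extensions), as an added example that is not part of the original post. The records are constructed samples in `dig` answer format, the function names are hypothetical, and `expiry_fraction` assumes resolver caches were filled at times spread uniformly over one TTL.

```python
OUTAGE_SECONDS = 30 * 60  # the half-hour outage described in the article

# Constructed sample in dig answer format (documentation IPs, Route 53-style NS names).
SAMPLE = """\
example.com.       300     IN  A      192.0.2.10
www.example.com.   300     IN  CNAME  example.com.
mail.example.com.  86400   IN  A      192.0.2.25
example.com.       172800  IN  NS     ns-1.awsdns-01.com.
example.com.       172800  IN  NS     ns-2.awsdns-02.net.
example.com.       172800  IN  NS     ns-3.awsdns-03.org.
example.com.       172800  IN  NS     ns-4.awsdns-04.co.uk.
"""

def parse(text):
    """Yield (name, ttl, rtype, rdata) from 'name ttl IN type rdata' lines."""
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split(None, 4)
        if len(parts) != 5 or not parts[1].isdigit() or parts[2].upper() != "IN":
            raise ValueError(f"unsupported record line: {line!r}")
        name, ttl, _, rtype, rdata = parts
        yield name.lower(), int(ttl), rtype.upper(), rdata.strip()

def short_ttl_records(text, outage=OUTAGE_SECONDS):
    """Records whose cached copy cannot outlive an outage of `outage` seconds."""
    return [(name, ttl, rtype) for name, ttl, rtype, _ in parse(text) if ttl < outage]

def ns_tlds(text):
    """Distinct last labels (TLDs) of the NS targets in the record set."""
    return sorted({rdata.rstrip(".").rsplit(".", 1)[-1].lower()
                   for _, _, rtype, rdata in parse(text) if rtype == "NS"})

def expiry_fraction(ttl, outage=OUTAGE_SECONDS):
    """Share of resolver caches expiring during the outage.
    Assumption: cache fill times are spread uniformly over one TTL."""
    return min(1.0, outage / ttl)

if __name__ == "__main__":
    for name, ttl, rtype in short_ttl_records(SAMPLE):
        print(f"short TTL: {name} {rtype} {ttl}s -> {expiry_fraction(ttl):.0%} of caches expire")
    print("NS TLDs:", ns_tlds(SAMPLE))
```

Under that assumption a 300-second TTL means every cached copy expires during a 30-minute outage, while a one-day TTL exposes roughly 2% of caches.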
