What is Anycast DNS?
Anycast DNS is the technique that lets one IP address be answered by dozens of servers spread across the world, with each query automatically reaching the closest one. It is the reason public resolvers and large DNS providers feel fast from almost anywhere and stay online during outages and attacks. Understanding anycast explains a lot about how modern, resilient DNS is built.
What is anycast?
Anycast is a network addressing method in which a single IP address is announced from many locations at once. Instead of that address belonging to one machine, it belongs to a whole fleet of servers, and the internet's routing automatically sends each request to whichever one is closest in network terms.
Applied to DNS, anycast means a provider can publish one nameserver IP and back it with servers on several continents. A user in Tokyo and a user in London both query the same address but are served by entirely different machines nearby. For the underlying lookup process this is invisible; see what is DNS for that side of the story.
Anycast vs unicast
The contrast with the traditional unicast model makes anycast easy to grasp:
- Unicast — one IP address maps to exactly one server in one place. Every query for that address travels to the same machine, no matter how far away the user is.
- Anycast — one IP address is announced from many servers in many places. The network routes each query to the nearest healthy server, so distance and load are reduced automatically.
The crucial difference is the one-to-many relationship: anycast turns a single address into a shared front door for an entire distributed system, while unicast keeps a strict one-to-one mapping.
Why DNS uses anycast
DNS is an almost perfect fit for anycast, and providers rely on it for three big reasons:
- Speed — because each query is answered by a nearby location, round-trip times drop and lookups complete faster, which matters because nearly every connection starts with DNS.
- Resilience — if one location goes offline, routing simply steers queries to the next-nearest site. There is no single point of failure tied to one machine.
- DDoS absorption — a denial-of-service flood aimed at the shared address gets spread across every point of presence rather than concentrated on one server, so the network can soak up far larger attacks.
This is why the root servers, major TLD operators, and large public resolvers all run on anycast.
Anycast and CDNs
Content delivery networks lean on the same idea. A CDN typically uses anycast both for its DNS and for steering visitors toward a nearby edge location, so the page itself is served close to the user. The result is that a single hostname can resolve and load quickly from anywhere in the world.
This also means the IP an anycast or CDN name resolves to can legitimately differ depending on where the lookup happens, which is worth knowing when you compare results from different locations. We explain how to recognize this in anycast and CDN detection.
Considerations
Anycast is powerful, but a few things are worth keeping in mind:
- It requires operating multiple points of presence and announcing the address from each, so it is something DNS providers offer rather than something you configure yourself.
- Different users can receive answers from different nodes, which makes consistency across those nodes important.
- Troubleshooting can be trickier, because two people querying the same address may be talking to servers thousands of miles apart.
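The consistency and troubleshooting points above can be checked directly. As an added example (not ZoneWatcher's own code), this small Python script compares what several vantage points saw when querying the same anycast nameserver address; it assumes the operator answers the CHAOS-class `id.server` TXT query (the RFC 4892 convention) so each vantage point can record which node replied, and it works on constructed sample observations rather than live queries.

```python
"""Consistency check across anycast nodes (added example, not ZoneWatcher code).

Each observation records what one vantage point saw when querying the same
anycast nameserver address: the node identity reported by a CHAOS-class
TXT query for id.server (assumed to be enabled by the operator), the SOA
serial of the zone, and the A RRset returned for one name.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    vantage: str          # where the query was sent from
    node_id: str          # answer to `id.server CH TXT` (which anycast node replied)
    soa_serial: int       # SOA serial returned for the zone
    a_records: frozenset  # A RRset for the checked name


def check_consistency(observations):
    """Compare answers across the anycast nodes that were actually reached.

    Returns the distinct nodes seen, the vantage points that got a stale SOA
    serial, and the nodes whose A RRset differs from the majority answer.
    """
    if not observations:
        raise ValueError("no observations")
    nodes = sorted({o.node_id for o in observations})
    newest = max(o.soa_serial for o in observations)
    stale = sorted(o.vantage for o in observations if o.soa_serial < newest)
    # The RRset seen by most vantage points is taken as the reference answer.
    counts = {}
    for o in observations:
        counts[o.a_records] = counts.get(o.a_records, 0) + 1
    reference = max(counts, key=counts.get)
    divergent = sorted({o.node_id for o in observations if o.a_records != reference})
    return {"nodes_reached": nodes, "stale_vantages": stale,
            "divergent_nodes": divergent, "consistent": not stale and not divergent}


# Constructed sample: three vantage points reaching two different anycast nodes.
SAMPLE = [
    Observation("tokyo", "ns1.nrt", 2024060101, frozenset({"203.0.113.10"})),
    Observation("london", "ns1.lhr", 2024060101, frozenset({"203.0.113.10"})),
    Observation("sydney", "ns1.nrt", 2024060101, frozenset({"203.0.113.10"})),
]
# Same fleet, plus a node that has not yet received the latest zone update.
SAMPLE_LAGGING = SAMPLE + [
    Observation("frankfurt", "ns1.fra", 2024053101, frozenset({"203.0.113.9"})),
]

if __name__ == "__main__":
    print(check_consistency(SAMPLE))
    print(check_consistency(SAMPLE_LAGGING))
```

In practice the observations would come from probes in several regions, since a single vantage point is routed to one node and cannot see the others.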
Whichever provider and routing model you use, the records being served still need to be correct everywhere. ZoneWatcher monitors your DNS continuously and alerts you the moment a record changes, regardless of how your provider distributes its servers.