Blog Post

Why You Should Require Anycast DNS

Check out this blog series to learn about the differences between Anycast and Unicast, and see how it speeds up DNS resolution times.

This is the fourth post in our DNS series. For parts 1-3, click the links below:

DNS Lookup: How a Domain Name is Translated to an IP Address

Dissecting DNS Communications

In the World of DNS, Cache is King

In several of our previous posts in this series, we mentioned a technology called Anycast and how it can decrease latency. In this post, we will discuss the difference between Anycast and its more prevalent counterpart Unicast, and see how it speeds up DNS resolution times.


DNS Unicast

Almost all of the Internet and the technologies built on top of it rely on a routing scheme called Unicast. With Unicast, every server (or cluster of servers behind a load balancer) has a unique IP address, which any device in the world can rely on to communicate with the server. If the client device is topologically close to the server, the latency will be small and the performance of the application will therefore be perceived as fast. But if the distance between the two is large, there will be significant slowness due to network latency.

When using Unicast for the domain name servers, you can have multiple physical servers around the globe with different IPs and rely on the end user’s resolver logic to reach the closest name server. The resolver DNS servers can implement special logic that measures and stores the average round trip time (RTT) of the name severs they query, and then favor those servers that have the fastest RTT. However, there is still no guarantee that the user’s DNS resolution will be fast. Some queries will still go to nameservers that are not close to the resolver, and not all resolvers have this feature enabled or support it.

In this example of a traceroute from our Seattle Level 3 location to a Unicast IP address, we see that it has to travel all the way to its home server in New York, adding extra latency.

DNS Unicast traceroute


DNS Anycast

Anycast is a routing scheme alternative to Unicast. Using Border Gateway Protocol (BGP), a network operator can announce the same IP address range from various locations dispersed throughout the world. This causes routers to direct traffic targeting the IP range to the nearest location that announced it. When we run our traceroute from Seattle, this time to an Anycast IP address, the number of hops, RTT, and latency are all lower.

DNS Anycast traceroute

There is one catch with Anycast, and that is the definition of “nearest.” Anycast will route to the closest server as defined topologically in the network by smallest number of hops. Usually there is a direct correlation between what is close topologically and what is close geographically – but this does not mean it is always the case or that the latency will be the lowest. The mechanisms behind the route scheme do not take latency or geography into consideration. This means that if you are in Atlanta and the closest Anycast server in terms of hops is in Dallas, but the closest geographically is in Ashburn, you will still be routed to Dallas even though the RTT will be greater.

Besides increasing performance, Anycast has several other benefits:

Acts as a layer 3 load balancer between multiple points of presence with automatic failover.

  • Increases reliability by adding redundancy via the placement of multiple points of presence dispersed geographically
  • Builds resilience against DDoS attacks, as it is harder to launch such attacks against multiple network locations that are dispersed
  • Limits impacts of attacks to specific locations, as opposed to the entire system


Anycast is primarily used for applications relying on the UDP protocol, like DNS. Anycast DNS has already been deployed by 12 of the 13 DNS root servers, and most major DNS vendors such as Cloudflare, Dyn, Edgecast, Verisign, and others.

Anycast for TCP protocol is more difficult since the connections must maintain state and can have long keep alives. However, more and more CDNs are providing Anycast solutions for HTTP.

Although Anycast is more difficult to set up and troubleshoot in comparison to Unicast, Anycast DNS and HTTP services can help turn a fast site into a blazing fast site, thereby improving your end users’ experience and satisfying one of the most crucial aspects of your site’s marketing initiative.

Network Reachability
BGP Monitoring
SLA Management
This is some text inside of a div block.

You might also like

Blog post

Traceroute InSession: A traceroute tool for modern networks

Blog post

Mastering IPM: Key takeaways from our best practices series

Blog post

DNS security: Fortifying the core of Internet infrastructure