Use a reliable DNS provider (your host, Cloudflare, Route53, etc.). Set TTLs low for records you may change often; higher for stable records. For failover, use health-checked DNS or a global load balancer.
Where to host DNS
- Your host: Some providers include DNS with hosting. Convenient; ensure they offer good uptime and low latency.
- Dedicated DNS: Cloudflare, Route53, NS1, etc. Often better resilience, global anycast, and features (DNSSEC, health-based failover). Use when DNS is critical.
- Redundancy: Use at least two nameservers (often in different networks). Required for delegation (NS records).
TTLs
- Low TTL (e.g. 60–300 seconds): For records you might change soon (e.g. before a migration or failover). Faster propagation but more DNS load and slightly slower resolution.
- High TTL (e.g. 3600–86400 seconds): For stable records (e.g. MX, TXT for SPF). Reduces DNS load and speeds up resolution. Lower the TTL ahead of a planned change so caches expire sooner.
- Balance: Don’t set everything to 60; use low TTL only where you need flexibility.
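
The nameserver redundancy and TTL guidance above can be checked mechanically. The following is an added example, not part of the original page: it audits a small constructed zone listing. The zone data, the function names, and the use of a shared /24 as a stand-in for "same network" are assumptions made for illustration.

```python
import ipaddress

# Constructed sample zone (name, TTL, type, value). example.com and the
# 192.0.2.0/24 and 198.51.100.0/24 ranges are documentation placeholders.
SAMPLE_ZONE = """\
example.com.      86400 NS   ns1.example.com.
example.com.      86400 NS   ns2.example.com.
ns1.example.com.  86400 A    192.0.2.53
ns2.example.com.  86400 A    192.0.2.54
example.com.      60    MX   10 mail.example.com.
example.com.      3600  TXT  "v=spf1 mx -all"
www.example.com.  300   A    198.51.100.10
"""

STABLE_TYPES = {"MX", "TXT"}  # record types the text calls stable
HIGH_TTL_MIN = 3600           # lower bound of the text's high-TTL range
LOW_TTL_MAX = 300             # upper bound of the text's low-TTL range

def parse_zone(text):
    """Parse 'name ttl type value' lines; ';' starts a comment line."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(";"):
            name, ttl, rtype, value = line.split(None, 3)
            records.append((name.lower(), int(ttl), rtype.upper(), value))
    return records

def audit_zone(text, apex):
    """Return findings for NS redundancy and TTL choices in one zone."""
    records = parse_zone(text)
    findings = []
    ns_hosts = {v.lower() for n, _, t, v in records if t == "NS" and n == apex}
    if len(ns_hosts) < 2:
        findings.append("fewer than two nameservers at " + apex)
    # Assumption: sharing a /24 is a rough proxy for "same network".
    nets = [ipaddress.ip_network(v + "/24", strict=False)
            for n, _, t, v in records if t == "A" and n in ns_hosts]
    if len(nets) >= 2 and len(set(nets)) == 1:
        findings.append("nameservers share one /24 network")
    for n, ttl, t, _ in records:
        if t in STABLE_TYPES and ttl < HIGH_TTL_MIN:
            findings.append(f"{n} {t} TTL {ttl} is below {HIGH_TTL_MIN}")
    if records and all(ttl <= LOW_TTL_MAX for _, ttl, _, _ in records):
        findings.append("every record uses a low TTL")
    return findings

if __name__ == "__main__":
    for finding in audit_zone(SAMPLE_ZONE, "example.com."):
        print(finding)
```

On the sample zone this reports the two nameservers sitting in one /24 and the MX record carrying a 60-second TTL.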
Failover
- Health-checked DNS: Provider periodically checks your endpoints and returns a different IP (or NXDOMAIN) if the primary is down. Users get directed to the healthy endpoint after TTL expiry.
- Global load balancer: LB does health checks and returns one or more IPs. DNS points to the LB. Combines load balancing and failover.
- Manual: For planned failover, lower TTL in advance, then change the record. Wait for TTL to expire (or use a DNS flush tool for testing).
Summary
Use a reliable DNS provider; set TTLs according to how often records change. For failover, use health-checked DNS or a global LB. Keep at least two nameservers.




