By John Todd
This week Quad9 added another 12 cities to our anycast array of recursive DNS servers, bringing the total to 118 locations! That brings our total new clusters to 18 since our launch in November. Stay tuned – we have many more in the pipeline for deployment and activation.
BKK Bangkok, Thailand
VNO Vilnius, Lithuania
CMB Columbo, Sri Lanka
SGE Siegerland, Germany
PSS Posadas, Argentina
NDD Luanda, Angola
KBP Kiev, Ukraine
KUL Kuala Lumpur, Malaysia
NBE Enfidha, Tunisia
HRE Harare, Zimbabwe
LYS Lyon, France
TLL Tallinn, Estonia
A casual browse of this list shows quite a few cities that many providers wouldn’t target. There is a critical reason for this, one that is core to the Quad9 mission.
WHY AT THE EDGE?
Most technology providers choose locations based on population, economic opportunity or other profit-driven motivation. The usual city list for an Internet-based service would be something like Frankfurt, Palo Alto, Amsterdam, Sydney, London, Reston. These are without a doubt some of the wealthiest and most richly-interconnected cities, and there is a good reason to connect with that infrastructure: users from industrialized nations spend the most on the Internet. With that perspective, a company motivated by the bottom line of a profit margin will place systems closest to the densest populations with the most disposable income to spend. Less populous and less wealthy locations around the globe are left sending their Internet traffic over progressively longer distances to reach critical or interesting services. The result is that those in emerging or less-dense markets often have slower service, less reliability, and more opportunity for interception or manipulation of their Internet traffic.
Quad9 is a not-for-profit organization founded on the premise that everyone should be able to enjoy a base level of security, privacy, and performance on the Internet regardless of location or economic circumstances. Our criteria and strategy regarding our global footprint are different than a profit-motivated corporation. We want to serve everyone, everywhere with secure, private DNS – not just people in industrialized nations. DNS is both latency-sensitive as well as security-sensitive, and our deployment model is specifically designed to push our DNS services out to the very edges of the world in places where most other systems will not or cannot deliver excellent service.
Don’t take this to mean that we don’t locate systems in the most accessible and dense network nexus locations, just like every other service provider – we are in most of the major exchanges already such as Reston, London, Amsterdam, Frankfurt, Singapore, and the other common big-network interconnect exchange points. The focus as we grow our network footprint is to be in every country and every city in which we can deploy our service, regardless of economic weight, population density, or pre-existing network infrastructure.
The Quad9 architecture is different than most CDN or DNS services in that:
- Our systems are located across a widely diverse geographic footprint
- Our systems primarily depend on peered interconnection, not paid transit
We have purposefully chosen to locate our equipment in places that are as widely geographically dispersed as possible, typically at interexchange (IX) locations. These are the places where local ISPs, universities, large companies, telephone companies, and other networks converge to exchange traffic.
Almost every nation has an IX at this point, and many countries have multiple IX fabrics. PCH, one of our primary sponsors, has network capacity and space in these facilities. We have chosen to deliver our services using their network as the first step in our roll-out plans. This choice puts us in an excellent position to service a large number of user communities without having to build a network or full set of peering relationships from scratch, though we are building our own interconnection and deployments in parallel with that of PCH. Connecting to a new participant on an IX is a simple matter of configuration on a router port and not the complicated logistics of running fiber or wires across a countryside. We have service delivery in some areas that see very few other interested providers – distant, high-latency islands such as Vanuatu and Grenada, or network-underserved nations such as Haiti and Liberia. Building IX facilities improve the network throughout a region and in turn the end-user experience, which increases end-user demand, which in turn causes more networking infrastructure to be built. This virtuous cycle is continued when we deploy recursive instances into the IX – better, safer DNS means more people will use the network, which drives even more Internet use. We think that secure DNS is an infrastructure service that should be deployed at every IX, in every corner of the world.
Inter-eXchanges are one of the best places to install equipment and get packets to end users, and they come with a side benefit that allows our second differentiator: we almost never have direct costs for our packet delivery. Perhaps this sounds like a simple money-saving strategy, but it is actually the by-product of another important secondary goal of ours: to improve the interconnectedness of the Internet in general. We encourage networks to exchange traffic with one another (and us) at no cost. This is known as “peering” – for a quick description of peering versus transit, take a look at this explanation: https://arstechnica.com/
This peering model creates many side benefits that are not obvious beyond the economics: better speed for end users, better resistance against data interception, more resilience against intentional or unintentional restrictions of data (aka censorship or outages,) and a reduction in packet transmission cost for all other parties participating in the exchange. Using peering for interconnection instead of transit is one of the ways we have constructed our service in the anticipation that Quad9 will remain in operation for many, many years in the future without succumbing to market pressure cost-benefit analysis which would be a consideration if we were a for-profit corporation that relied predominately on paid transit. Peering builds a more robust and less expensive Internet infrastructure, and we encourage that development.
We think that Quad9 has a long-term, robust strategy for recursive DNS in our push to edge delivery strategy. Security features and privacy are inherent the offering and in our mission. We believe that keeping our systems closer to the end users keeps our third goal of “performance” in the forefront sustainably. Keeping DNS local is essential for technical AND non-technical reasons, and we hope to continue to keep building at the edge!
Stay tuned for even more cities in the next few months as we climb towards our 2018 goal of 150 locations.
If your ISP or IX wants to talk about how to get Quad9 deployed in your facility or network, please contact us at firstname.lastname@example.org, and we’ll be happy to start a discussion.