NS1's Filter Chain technology allows you to easily make a series of real-time decisions for each DNS query, so your users always receive the best possible answer. A Filter Chain is a configurable sequence of filters that are applied in real time—dynamically choosing the best answers for DNS queries.
Upon receiving a DNS query, NS1 first looks up a list of potential answers and then applies the Filter Chain to that list before serving an answer. Each filter interprets a list of DNS answers as the input, performs a simple transformation (e.g., sorting by geographical proximity or removing answers that are down), and then passes the modified list to the next filter in the chain. This process allows you to easily implement complex decision-making logic by chaining together simple, single-purpose components similar to the Unix pipeline.
Here's an example. For simple content delivery networks (CDNs), a common Filter Chain configuration contains three filters in the following order:
Select First N
Suppose you have the following answers configured in an A record (say, arecord.example_zone.com):
192.0.2.0 with two metadata fields set: up is set to
true, and georegion is set to
US-EAST. (Let's say this server is in Digital Ocean's NYC2 data center or some other east coast facility.)
192.0.2.1 with up set to
trueand georegion set to
(Let's say this is a server in a west coast facility.)
You can also connect data feeds to each answer—say, from a monitoring service or NS1 monitoring tools—to connect the "up/down" metadata to health checks. Refer to this article about failover for more information.
Now, let's walk through the query resolution process.
Suppose a query arrives for arecord.example_zone.com from a DNS recursive resolver with IP address
198.51.100.0. Then the query is resolved as follows:
NS1 loads the configuration for arecord.example_zone.com. It initiates the Filter Chain with an initial answer list like
The Up filter runs first. It examines the up metadata field for
192.0.2.0and then for
192.0.2.1. If either answer is set to
down, the answer is removed from the list.
If all answers are set to
down, the Filter Chain skips the Up filter entirely so as not to eliminate all answers.
The answer list that results is passed through the Geotarget Regional filter. This filter looks up the requester's IP address (
198.51.100.0) in the GeoIP database. The filter examines the answer list and determines the distance between the requester and the answer using the georegion metadata field.
The requester's IP is located in California. Because California is located in the
US-WESTregion, the distance between the requester and
0. The distance between
192.0.2.0is larger because the requester is not in the
US-EASTregion. The Geotarget Regional answer list is sorted by proximity to the requester.
The resulting list from the Up filter is passed to the Geotarget Regional filter. The filter sorts the answers by proximity to the requester. So if both answers are up, then the Geotarget Regional filter returns the following sorted answer list:
[192.0.2.1,192.0.2.0], reflecting the proximity of the requester to each answer.
Finally, we want to choose an answer to return to the requester. The Select First N filter keeps the first N answers from the list and discards the rest. By default, this value is set to
1, so the first answer (
192.0.2.1) is chosen, while
If you have multiple servers in each of your data centers, you can group them using the regions metadata field. The Filter Chain resolves metadata by:
Checking the value of the regions field in the answer itself,
Checking the region (if any) to which the answer is assigned, then
Checking the metadata for the entire record.
This metadata can be managed on the configuration page for the DNS record.
NS1 has a growing collection of filter algorithms. You can mix and match any of them together to achieve traffic management algorithms perfectly tailored to your application.