Getting started with IBM NS1 Connect®

The following steps provide high-level guidance for you to start building and managing your DNS resources, traffic steering configurations, and more in your NS1 Connect account.

Before you begin

If you prefer to use the NS1 Connect API, create an API key and refer to the API documentation.
If other people in your organization are participating in the POC or initial implementation process, you can add users to the account .

1. Add your DNS zones and records

Zones and records are the foundation of your DNS configuration. They contain a range of data about your domains that is critical to application and service endpoint availability. The type of zone you create depends on whether NS1 Connect is the primary or secondary DNS provider for the domain.

There are multiple options for adding zones and records to your account:

To set up NS1 Connect as your primary DNS provider: Create a primary zone and then add records to the zone manually. Alternatively, you can import a BIND-compatible zone file from your previous DNS provider.
To set up NS1 Connect as your secondary DNS provider: Create a secondary zone, specifying one or more primary DNS servers from which NS1 Connect will request zone data continually via zone transfers (XFR). Refer to Configuring NS1 Connect as a secondary DNS provider.
To configure multi-provider DNS without using XFR: Use Cloud Sync to establish an inbound data connection with an external provider, such as Amazon Route 53, and sync zone data to your NS1 Connect account. Refer to the Cloud Sync documentation.
Note: loud Sync is an add-on feature available only to accounts with the Premium plan type.

During zone creation, you will select one or more DNS networks to which you can publish the zones. All NS1 Connect accounts can publish zones to the Managed DNS network, which is a shared, anycast network with 26 points of presence (PoPs) distributed globally, providing fast, reliable, authoritative DNS service. Access to other NS1 Connect networks, such as a Dedicated DNS network or the Managed DNS network for China, are available as add-on features to certain plan types.

Note: Publishing the zone to a DNS network makes the data available on the authoritative nameservers, but it does not initiate traffic flow. You must update the nameserver delegation at the domain registrar for recursive resolvers to find the zone data during a DNS lookup.

2. Update the nameserver delegation at the domain registrar

When the zones and records are configured, you can update the nameserver delegation at the domain registrar to initiate traffic flow to the NS1 Connect nameservers assigned to each zone. If preferred, you can wait until you've set up monitors and defined a traffic steering configuration before updating the delegation.

The list of nameservers to apply at the domain registrar is availability within the relevant zone's NS record or in the Nameservers tab on the zone details page. Refer to Locating assigned nameservers for details.

3. Configure monitors to track endpoint health

Monitoring the health of your application endpoints and services is critical to an intelligent traffic steering strategy that responds quickly to network changes and trends. Data collected is pushed through a data feed and connected to corresponding DNS answers to inform traffic steering decisions.

There are three types of monitoring data sources you can use to automate updates to answers on NS1 Connect:

NS1 Connect provides native monitoring tools to track an endpoint's up/down status. Four types of NS1 Connect monitoring jobs can be configured: DNS, HTTP/S, PING (ICMP), and TCP.
If you are already using a third-party monitoring service, you can connect an external data source from a supported integration or use an API webhook to push collected data from your preferred service. Then, you can create data feeds that correspond to individual monitoring jobs. Refer to Third-party data sources for details.
If your plan includes the Pulsar add-on, you can use real user monitoring (RUM) data collected from active application users to inform traffic steering decisions. This solution is designed for applications that require multi-CDN switching, global server load balancing (GSLB), and other demanding applications. Refer to Creating RUM (Pulsar) applications and jobs for details.

After configuring data collection, you must connect the data feeds to the corresponding DNS answers via the answer metadata to enable automatic updates. The specific metadata field to which you will attach the data feed depends on the type of data being collected.

Refer to Connect a monitor to a DNS answer for instructions.

4. Create a Filter Chain

The Filter Chain enables advanced traffic steering technology to control and optimize traffic distribution across redundant application endpoints and services specified within a DNS record. Depending on the metrics that matter most, you can select from various traffic steering filters—combining and rearranging them to generate a custom routing logic. When the DNS record is queried, the list of answers is passed through each filter in the Filter Chain, from top to bottom, as each filter applies a unique processing method to either rearrange or eliminate answers based on some condition.

Refer to this topic to learn more about the Filter Chain and the topics in this section to learn more about the different types of traffic steering filters.

For quick reference, the following Filter Chain configurations represent common use cases we recommend using as you familiarize yourself with the different filter types. Note that the order of filters in the Filter Chain is important as answers are processed from top to bottom.

Up filter + Priority filter + Select First N filter: This Filter Chain supports automatic failover in an active-passive configuration, meaning one endpoint should take priority over others. If using this configuration, connect monitors to the Up/down metadata field for automatic updates and manually assign a priority value in the metadata for each (lower value = higher priority). When the record is queried, all down answers are eliminated, the list is rearranged in priority order, and all but the first answer in the prioritized list is eliminated before responding to the requesting client. Refer to Automatic failover for details.
Required answer metadata field(s): Up/down, Priority
Up filter + Shuffle filter + Select First N filter: Similar to above, this configuration also supports automatic failover—except, as part of an active-active configuration where all endpoints are equal. The Shuffle filter randomizes the answer list to avoid sending all traffic to a single endpoint. Refer to Automatic failover for details.
Required answer metadata field(s): Up/down
Up filter + (Geographic filter) + Select First N filter: Using one of the geographic filters in a Filter Chain allows you to direct requesting clients to the nearest available endpoint or for geofencing, where answers are eliminated based on the requester's location. Geographic filters function best when the EDNS client subnet (ECS) extension is enabled within the Filter Chain configuration and supported by the resolver. Refer to this topic to learn more about the geographic-based filters.
Required answer metadata field(s): Up/down, geolocation metadata (specific field varies depending on the filter you choose)
Up filter + Shed Load filter + Select First N filter: This Filter Chain supports an automatic load-shedding configuration based on load-related measurements collected by a third-party monitoring service and pushed to NS1 Connect. Refer to Automatic load shedding for details.
Required answer metadata field(s): Up/down, load-related metadata (either load average, active requests, or active connections)

Next steps

Monitor incoming traffic behavior based on the query reports and traffic distribution maps, adjusting the configuration settings as needed.
Explore alternative or more advanced Filter Chain configurations based on your organization's traffic steering objectives.
Set up alerts related to notify you about specific event, such as a status change to a monitored endpoint or if your account usage is approaching the plan limits.
If not already included in your plan, explore solutions like Dedicated DNS for network resiliency, RUM-based traffic steering for global server load balancing (GSLB) across complex networks, DNS Insights for advanced observability into your DNS networks and traffic steering behavior, or Cloud Sync for establishing multi-provider DNS without using XFR.