How We Built Our Own Clustered DNS — And Why It Matters for Your Website


Here’s something most web hosts won’t tell you: your site can be perfectly healthy — server running, files intact, database humming along — and still be completely unreachable. All it takes is a DNS failure.

DNS is the phone book of the internet. When someone types your domain into a browser, the first thing that happens is a DNS lookup — translating your domain name into the IP address of your server. If that lookup fails, the browser gives up before it ever tries to reach your site. Game over.

How Most Hosts Handle DNS

Most shared hosting providers point your domain at a pair of nameservers — ns1.somehost.com and ns2.somehost.com — that often run on the same physical infrastructure, in the same data centre, sometimes on the same server. It looks redundant on paper. In practice, if something goes wrong with that infrastructure, both nameservers go down together.

Others outsource DNS entirely to their domain registrar and call it a day. It works until it doesn’t.

What We Built Instead

We wanted something properly redundant — not the appearance of redundancy. So we built our own clustered DNS infrastructure based on NSD, a high-performance authoritative nameserver used by some of the largest operators on the internet. NSD is deliberately minimal — it does one thing (answer DNS queries) and does it very fast, with a tiny attack surface.

Our current cluster runs two nodes deployed on Oracle Cloud Infrastructure — one in Sydney, one in Melbourne. These are geographically separated by over 700 kilometres, on independent power grids, independent internet exchanges, and independent physical infrastructure. A fire, a fibre cut, or a data centre outage that takes down Sydney has no effect on Melbourne.

Self-Healing Peers

The interesting bit is how the nodes stay in sync — and what happens when they don’t.

Under normal operation, DirectAdmin (DA, the control panel managing all hosting accounts) acts as the authoritative source of zone data. When anything changes — a new account provisioned, a customer updates their MX records, a domain transfer completes — DA pushes the updated zone to all NSD nodes simultaneously. Every node gets the change at the same time. In practice this means DNS propagates across the cluster almost instantly.

The resilience story is what happens when a node is offline at the moment of a push. Say Melbourne is unreachable when a zone update goes out — Sydney gets it immediately and starts serving the new data. When Melbourne comes back online, it doesn’t just sit there stale. Each node runs a reconciliation loop that checks in with its peers; Melbourne detects it’s behind Sydney, pulls the missing zone updates directly from the surviving peer, and catches up automatically. No manual intervention, no support ticket, no stale records.

There’s also a second safety net: an hourly loop that checks in with the DA master nodes directly. If a node has somehow missed an update that the peer reconciliation didn’t catch — unlikely, but possible — this loop finds it and pulls the zone from the source. Two independent recovery paths mean a node essentially can’t stay out of sync for long, regardless of how it went offline or what it missed.
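The decision a returning node has to make in the peer reconciliation described above can be sketched as follows. This is an added example, not the provider's code: it assumes staleness is judged per zone by SOA serial (the post does not say how), and the function names, zone names and serials are constructed for illustration.

```python
# Added illustration, not the provider's code. Assumption: a node judges
# staleness per zone by SOA serial, compared with RFC 1982 arithmetic.
MOD = 1 << 32          # SOA serials are unsigned 32-bit counters
HALF = 1 << 31


def serial_newer(a, b):
    """True if serial a is newer than serial b, allowing for wraparound."""
    diff = (a - b) % MOD
    return 0 < diff < HALF


def plan_reconcile(local, peer):
    """Compare zone -> serial maps and decide what the local node does."""
    plan = {"pull_from_peer": [], "peer_is_behind": [], "ask_master": []}
    for zone in sorted(set(local) | set(peer)):
        mine, theirs = local.get(zone), peer.get(zone)
        if theirs is None:
            # Only we hold it: newly added, or deleted upstream? A peer
            # cannot settle that, so defer to the hourly master check.
            plan["ask_master"].append(zone)
        elif mine is None or serial_newer(theirs, mine):
            plan["pull_from_peer"].append(zone)
        elif serial_newer(mine, theirs):
            plan["peer_is_behind"].append(zone)
        elif mine != theirs:
            # Exactly 2**31 apart: ordering is undefined in RFC 1982.
            plan["ask_master"].append(zone)
    return plan


# Constructed sample state: Melbourne returning after missing some pushes.
MELBOURNE = {"blog.example": 2024050101, "shop.example": 2024050103,
             "wrap.example": 4294967290, "old.example": 2024010101}
SYDNEY = {"blog.example": 2024050102, "shop.example": 2024050103,
          "wrap.example": 5, "new.example": 2024050201}

if __name__ == "__main__":
    for action, zones in plan_reconcile(MELBOURNE, SYDNEY).items():
        print(action, zones)
```

A plain numeric comparison would treat wrap.example's serial 5 as older than 4294967290 and leave the node serving stale data after the counter wraps, which is why the comparison uses serial arithmetic.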

This architecture didn’t come from a whitepaper — it came from years of running DNS in production and learning exactly where the gaps are.

We’re also planning a tertiary node closer to home — which would mean three geographically separated nodes answering queries for your domain at any given time.

What This Means for You

For most customers, this is invisible infrastructure — and that’s exactly the point. Your site stays reachable even when things go wrong somewhere in the stack.

For our reseller customers, there’s an additional benefit: your custom nameservers (ns1.yourbrand.com, ns2.yourbrand.com) run on the same clustered infrastructure. When you tell your clients their DNS is clustered and geographically redundant, you mean it.

It’s the kind of thing that most small NZ hosts have never thought about. We have — because we’ve seen what happens when DNS isn’t treated seriously.


Interested in hosting that’s built on infrastructure like this? View our shared hosting plans or get in touch if you’ve got questions about how it all fits together.