Fallback to IP if DNS is down?

[tommarnk]

what about fallbacking to ip if the dns is messed up?

like say try malwarebytes.org first, if down then try 69.162.79.74

[TerryS]

what about fallbacking to ip if the dns is messed up?

like say try malwarebytes.org first, if down then try 69.162.79.74

On the upside -- just record the IP with every update to Malwarebytes program or infection database, so it's always current.

On the downside -- being a new Malwarebytes user, I am not familiar with its user base. But if there are a lot of users, this could bring their updating system down, if every user was specifiying the same IP. With DNS, you can round-robbin the IPs so multiple, mirrored servers can handle a high volume of requests...if that is what MB does.

I like the idea, too.

[AdvancedSetup]

MBAM now uses a network of over 900 Servers spread across geographically different regions of the World.

Very unlikely the system is going to go down now. In the past yes there were only 2 Servers for everyone in the World.

[TerryS]

MBAM now uses a network of over 900 Servers spread across geographically different regions of the World.

Very unlikely the system is going to go down now. In the past yes there were only 2 Servers for everyone in the World.

Holy cow! That's amazing!

What I meant, though, was that if people were specifying a static IP address and, therefore, all attempting connections to the same exact server, the system could go down. Assuming simple DNS round-robin and not something more complex. Though I supposed round-robin-ing the IPs provided to users on update would avoid the problem, anyhow.

[tedivm]

Let me clarify and update a few things here.

We are using a content distribution network to handle the updates. This CDN has multiple datacenters (19+ on last check) all over the world (North America, South America, Europe, Australia, Japan, to name a few). Each of these datacenters houses thousands of machines.

The number that keeps flying around- 900- describes not the number of servers, but rather the number of connections between the datacenters and local ISPs (or 'points of presence'). The datacenters don't just connect to trunk lines (although it does connect to those), but to local ISPs in various regions. This lowers the latency and number of hops a user needs to go through for an update. The datacenters themselves are connected with dedicated fiber, letting us push out updates quickly from one area to another.

DNS is also handled much different than your standard round robin. With a round robin there is essentially a list of IP addresses which get sent out sequentially, and that is what handles the distribution of requests. The current set up we have actually takes into account the users location so they get routed to one of those 900 points of presence with the best route possible. This also lets us route around problems- for instance, last week the Toronto datacenter dropped, but no one noticed because all the routes were updated and requests sent off to a different datacenter.