Cloud, Edge, IoT

  • TYPE: Combined Session
  • DATE: Wednesday, May 13, 2020
  • TIME: 17:30-18:30
  • LOCATION: CHIEMSEE


As the industry iterates beyond simple cloud deployments, application & identity architects confront new challenges in deploying and managing complex application instances which span the globe across multiple provider regions. Rapid failover from one region to another is a critical component for these distributed applications, but did you know how much your cloud DNS service and DNS architecture impact the speed at which traffic can be rerouted from one region to another? In this talk, Jon Lehtinen shares his experiences testing several DNS architectures, and highlights how different resolution methods, failover policies, and other seemingly inconsequential components greatly impact how instantaneous (or not) your failover can be. Join him as he walks through tests of several cloud DNS architectures in search of instantaneous failover.

Key Takeaways:
1) Even in well-architected, multi-region application deployments, there are significant differences in failover times based upon the DNS resolution method selected. Balancing region selection/geolocation with speed of recalculation on regional failover is not as rapid as one would think, and I have the benchmarks that prove it.
2) There are several additional, subtle settings which greatly impact the failover speed from one region to another within a cloud service- things like TTL on the DNS service itself, the frequency, timeout duration, and failure threshold of health checks, as well as the nature of the load balancers distributing traffic to application nodes. I also have data that show the impact of each of these items.
3) There may be a true, lower limit threshold for failover speed across regions when using native cloud services like Route53 that enterprise architects need to be aware of when designing their applications and anticipating their app's tolerance for interruption during failover. The instantaneous failover may need to start within an organization's own network and then step into the public cloud as it seems possible to narrow the window for failover to below the threshold for triggering an outage alert, but not below the notice of an API call or automated process.
4) The quickest failover methods require a significant number of DNS aliases, health checks, and routes, all of which need to be updated each time any of the DNS endpoints get updated. As such, a mature infrastructure-as-code process is a must to maintain the best designs; otherwise, the opportunity for human-introduced error is very likely.


Jon Lehtinen specializes in both the strategy and execution of Identity & Access Management transformation in global-scale organizations like General Electric, Apollo Education Group, and Thomson Reuters. He works to deliver Identity solutions that provide the bedrock for information...


European Identity & Cloud Conference 2020

  • May 12 - 15, 2020 Munich, Germany