Geo boundaries limit select DNS responses to clients within certain geographic boundaries. Clients outside those boundaries may be given a fallback response or no response at all.
Boundary determinations on the internet are necessarily imprecise. As such, they are always best effort. Nonetheless, boundaries can be quite useful for guiding a majority of users to the preferred destination.
Start by configuring one or more boundary routing definitions at Routing -> Boundaries -> Add Geo Location.
Name: a name for this boundary
Locations: one or more geo location names (space separated)
; Configured boundary: Name : Americas Locations: nam sam
Next, assign your boundaries to host records.
; Configured host: www.your-domain.com A 192.0.2.1 Boundary=Americas
With the above configuration, users in North America (nam) and South America (sam) will be routed to 192.0.2.1. Everyone else will receive “domain not found” because there is no fallback.
www.your-domain.com A 192.0.2.1 Boundary=Americas www.your-domain.com A 198.51.100.1 Boundary=(not set)
Here, users in North and South America will continue to be routed to 192.0.2.1 but now everyone else will be routed to 198.51.100.1. That’s because there is both a boundary and non-boundary record for the same name/type (
Some DNS resolvers do not scope their cache for “no response” answers. Using boundaries without a fallback deliberately returns “no response”, which can then trigger odd results. If the host records are intended to be queried using broadly available DNS resolvers, it is strongly recommended to add a dummy fallback record (eg:
www.your-domain.com A 0.0.0.0 Boundary=(not set)). On the other hand, if the boundary is used to constrain access to a known and limited set of resolvers (eg: a corporate office), then no dummy fallback record is required.
Boundaries may be assigned to A, AAAA, and ALIAS host record types.
IP and geo boundary routing are processed together. A client that matches both an IP boundary and a geo boundary will see both records. A fallback record is only used if neither an IP boundary nor a geo boundary match.
IP and geo boundaries are processed before Geo-closest.