[Cialug] network solutions
Pixie
pix at kepibu.org
Thu Jul 18 12:23:47 CDT 2013
On 2013.07.18 10:47, Daniel A. Ramaley wrote:
> On 2013-07-17 at 23:43:24, Pixie wrote:
>> I strongly prefer to keep DNS provider and Registrar separate
>
> I definitely agree. I use my registrar purely as a registrar. They offer
> DNS and e-mail hosting (maybe even some web space, i don't remember) but
> i don't use those. It is easy enough to host my own.
>
>> My DNS is handled by Linode's DNS servers, informed by a hidden master
>
> That's also the direction i'm moving towards. I have 1 Linode right now
> that does web and secondary DNS. I still run my primary DNS at home, but
> as soon as i get around to spinning up another Linode, then i'll have
> public DNS completely outside. I'll keep my master at home, but hide it
> you've suggested.
>
> Just curious, which DNS software have you settled on for your public
> servers? I'm still using Bind, but it seems like overkill for such a
> task.
I don't run the public-facing DNS servers, Linode does[1] (it's included
with hosting, all that's necessary is setting up a domain as a slave
zone rather than a master zone). Linode runs bind; my master is
currently NSD[2], with iptables set up to only allow Linode's DNS
servers to talk to it, and NSD itself configured to only talk to
Linode's DNS servers.
[1] Obviously that means I'm trusting them with both my DNS and VPS,
but if I were running DNS servers entirely on their platform that'd
essentially be true anyway.
[2] The fact that bind now supports automatic DNSSEC signing and key
rollover might actually push me to switch back, though. Manual
management of that stuff is a PITA, which is why I don't currently
bother with it.
More information about the Cialug
mailing list