What are the Benifits of Running Your Own DNS?
baileyjs asks: "I help run a small web development firm, and we are always trying to save money, but not at the cost of service to our customers. We currently purchase DNS services from our ISP, but are looking at getting our own rack. I was going to put some DNS servers there when I saw that Network Solutions offers free DNS. All of our domains (about 150) are currently on Network Solutions, so transfer is not an issue. Why shouldn't I use Network Solutions? Why should I build my own? What reasons, besides 'Network Solutions is Evil', can I give my boss?"
Speed of Service (Score:4, Informative)
The downside is that you have to make sure these machines are secure, hence there is an overhead to it all.
Do Both (Score:5, Informative)
But sometimes it's great to be able to do quick changes for test/development and such so you can either delegate a sub-domain that you run internally or you can set up a test/dev domain and run your own DNS for that one.
Re:Do Both (Score:2)
Re:Do Both (Score:3, Informative)
"no MX record exists"
whereas if your DNS was up while your mailserver was unreachable, the sending mailserver would spool the message and retry at various intervals until it went thru, with no error messages generated.
This is another one of those "ask slashdot" questions that summarize to, read the O'Reilly book...
Re:Do Both (Score:1)
If all the DNS servers for your domain are unreachable, then any MTA I know of will consider it a temporary failure and keep trying. This is completely different from successfully performing a DNS query and being told t
Re:Do Both (Score:1)
Re:Do Both (Score:1)
This makes no sense. DNS propagates on demand only - it's not as if changes suddenly start flowing across the net on their own from high gro
Re:Do Both (Score:3, Informative)
This is especially important if you only have one data line - dual DNS is useless if both servers are on the same connection
secondary.org [secondary.org] provides free secondary DNS for anybody who wants it. I have them as secondary on a couple of domains I host on my cable and it's all good.
Re:Do Both (Score:2)
twisted4life offers secondary dns for 10 domains free, and lets you pay for more.
Use dyndns (Score:2, Informative)
Instant changes
Re:Use dyndns (Score:2)
Hopefully the uninformed moderator who made it offtopic will get busted in Meta-Moderation.
Re:Use dyndns (Score:1)
Re:Use dyndns (Score:2)
'Instant' Changes (Score:2, Informative)
Of course there are other issues that will delay the propagation of your changes but with things like adding a new subdomain there is no delay. (Always be sure to increment your serial!)
The other reason we use our own DNS is so that additions can be automatically handled t
Re:'Instant' Changes (Score:2)
You can't make changes at the drop of a hat that way, but you can make them with minimal downtime.
Netsol costs more. (Score:5, Interesting)
If you are unsure about the format, use a zone-xfer to get them to TinyDNS format. Then your DNS is 100% under your control (easy updating!), cost effective (TinyDNS needs no maintenance), and has a light impact on the server (usually 1 second of CPU time for every few days + a few hundred kb of HD space). On top of that, you can transfer your registrations to an alternative registrar (like Joker) which would be cheaper in the long run.
Re:Netsol costs more. (Score:3, Insightful)
Then someday I had to configure BIND. I went crazy. It's got so many unnecessary things that you need to look into....
TinyDNS rocks.
Nandz.
Re:Netsol costs more. (Score:1)
Re:Netsol costs more. (Score:2, Informative)
Re:Netsol costs more. (Score:1)
vendor independence (Score:3, Informative)
On the other hand, many other registration services also offer included DNS, so it's not that big of a deal.
Personally, I would probably use the "free" service that you already overpaid for. I would also switch to a less expensive company for future registrations and renewals.
Remember backup DNS. (Score:3, Interesting)
Remember that the backup DNS really shouldn't be geographically located near the primary. Even though 9/10 they are on the same network sadly.
Re:Remember backup DNS. (Score:2)
Yes, it would be terrible if your network is down and people weren't able to resolve your hostnames in order to connect to your web servers which are also down. Really, what's the point of that unless you have multiple geographically diverse webservers as well?
Re:Remember backup DNS. (Score:4, Informative)
Yes, it would be terrible if your network is down and people weren't able to resolve your hostnames in order to connect to your web servers which are also down. Really, what's the point of that unless you have multiple geographically diverse webservers as well?
The Web is not the internet, when will people get this? It's very cheap to pay a hosting company a monthly fee to provide a backup mail server to spool when your primary is down. Secondary NS's should be available if the primary goes down if just to keep mail working properly.
In addition, there are many free services out there like GraniteCanyon that will host your secondary ns for free. So there really isn't a reason to do it wrong.
Re:Remember backup DNS. (Score:1)
Practically every mail server on the planet will keep retrying delivery for several days. Unless you have complete control over your secondary MX's configuration, in particular its anti-spam configuration, and the secondary MX has an alternate path to your users you're better off without
Re:Remember backup DNS. (Score:2)
There may be no point to *you* in that situation, but for every other server or client that needs to connect to a resource on your domain, each and every single lookup that has to go to the zone's authoritative nameservers will cost the requestor to wait for a timeout. From the point of view of "well, they can't get to my stuff anyway, 'cause it's all down", sure,
Re:Remember backup DNS. (Score:1)
Re:Remember backup DNS. (Score:2)
Had you not read my post? I had clearly stated that:
It's very cheap to pay a hosting company a monthly fee to provide a backup mail server to spool when your primary is down.
If e-mail is important to you, there really isn't a reason why you can't have two dns servers on different networks. It's cheap
Re:Remember backup DNS. (Score:1)
Re:Remember backup DNS. (Score:2)
I made the same statement that you did once, before I was enlightened by an old-timer on the BIND-users mailing list.
Re:Remember backup DNS. (Score:2)
Of course, much of the reason was the poor performance of the ISP's name servers. I think they're better now, but they're still not very fast. I've found I can get better response with several name servers that are farther away. For example, I mentioned it to an admin for
Re:Remember backup DNS. (Score:2)
As mentioned, Internet != web. Even there, though, it's the difference between "this server seems to be down" and "there is no evidence that this server exists". If I'm having a problem with my server, then at least would-be visitors have an indication that a website should be at its address and will hopefully try again later.
Re:Remember backup DNS. (Score:1)
Sadly, Internet Explorer conceals this very salient difference, so 90% of people have never had the distinction enter their field of consideration.
Control, speed, and more. (Score:3, Informative)
I run my own DNS for my personal server, so that I can make changes and they are instant to me, since I configured my Winders XP box to reference my server for DNS.
There are lots of neat things you can do by running your own but personally I like it because you can run hundreds of domains off of one small box that has some decent memory in it, and it won't go down unless there is hardware failure.
So, in my opinion, if you have the resources, then there is no reason NOT to. Go for it!
We used to host our own... (Score:3, Informative)
I can't think of a reason to host your own corporate DNS. For personal DNS - i.e. you browsing the web, etc., you can control timeouts and your queries are processed much faster - but for corporate DNS, outsource it.
Be afraid of free though. Free generally means no guarantee. Of course NetSol hosts one of the root servers so I guess you'd expect their data lines to be fairly redundant.
We currently use UltraDNS (http://www.ultradns.net). They've been fantastic and have a terrific interface for making changes. Requires some knowledge but we've *never* had a DNS problem since switching two years ago.
--T
Re:We used to host our own... (Score:1)
Fine tuning the settings could possibly be another reason but most smaller sites (anything less than say, eBay, Google, Microsoft, Slashdot) can get by without much specific configuration.
--T
Re:We used to host our own... (Score:3, Insightful)
Authoritative server: ie, answering queries for domains you control. The arguments for keeping this in-house are the same as any other mission critical service, not worth restating. If your company outsources critical functions, might as well outsource auth DNS as well.
Caching server: ie, collecting answers to queries for clients. This is an overlooked critical piece, IMO. Cache poisoning is a real security risk,
You were using MS Windows for that? (Score:2)
Eh? I run my own. Many of my customers, even small ones, run their own. They tick over quietly, day after day, year after year. I (they) get as much control as I (they) want, instant updates, and a choice of how to specify those updates (hand edit, web form, automated etc). For vanilla-flavoured domains the zonefiles are all pretty much identical anyway.
For outgoing DNS queries, the traffic and time saving through query caching is not huge, but it is t
Benifits? (Score:1, Funny)
That said, for all intensive purposes, you shouldent be making arbitrary changes like that anyway, I no for me I could care less how responsive it is as long as DNS changes propogeat within a few hour's.
Re:Benifits? (Score:2, Funny)
You really shouldn't criticize other's spelling, since for all intents and purposes, it makes you look pedantic.
Re:Benifits? (Score:2, Funny)
Re:Benifits? (Score:1)
A pedant is:
One who puts on an air of learning; one who makes a vain display of learning; a pretender to superior knowledge.
In other words, typical
Re:Benifits? (Score:2)
Re:Benifits? (Score:1)
Everyone knows something, even an idiot, and to be pedantic is simply to show off what y
Dear UneducatedLayman... (-: (Score:2)
I think my GP should have said catachrestic [reference.com], which would both have been more correct and more interesting, as well as letting you
Re:Dear UneducatedLayman... (-: (Score:2)
Try reading the whole thread, then take your trolling crap elsewhere. I do know what a pedant is, but you don't seem to understand that without a foundation it's a hard climb to a successful argument, or in this case to the successful application of a word in a sentence.
I should have expected as much on Slashdot.
Hey! You paeded first! (Score:2)
Done. And...?
Loser's limp if ever I saw it. (-:
Re:Benifits? (Score:2)
Also, while we're at it, you mean "others'."
More control (Score:2)
For flexibility, redundancy (Score:2)
Benefits of hosting DNS (Score:4, Interesting)
I am hosting 7 domains, and 2 of the domains have 20 subdomains each. A friend on a different ISP hosts my secondary and I host his. Quite honestly, with a static IP, you don't really need DNS services at all, unless you're virtualhosting, in which case self-hosting DNS is best since you send out zones once, and just leave it there. They only change when you edit the zones.
Running BIND on a static IP server and not changing anything has low overhead, and it doesn't take much skill or time. However if you're only hosting 2 domains, not too many subdomains, usually the hosting providers offer a basic DNS service for free. Might as well use that till you hit their cap.
Markup and clueless clients (Score:2, Informative)
Advantages (Score:3, Funny)
The possibilities are limitless.
Imagine having the ability to provide your customers with customized pointers to
You can point them to your own range of services, or to a clumsy-looking buck-toothed site "Doh! We're dorks!". And that doesn't even begin to enumerate the lucrative possibilities of being a window to various on-line casinos and to paypal...
Not evil... (Score:2)
Home DNS? (Score:2)
Re:Home DNS? (Score:2, Interesting)
I started running DNS at home when all I had was a desktop PC and a dialup PPP connection. To tell the truth, I forget exactly why I felt it necessary to start running it, but now that there are (ahem) considerably more than one computer in the house, DNS is indispensable. You asked about benefits?
Re:Home DNS? (Score:1)
Re:Home DNS? (Score:1)
Best way to implement is to ge
Re:Home DNS? CACHING, baby!!! (Score:1)
By and large, one of the simplest DNS features to use on a home or home-office level is a DNS caching server. It usually involves setting up a full-blown DNS server (Micro$soft, BIND, etc.), but you can configure it to only cache DNS entries you've requested. You'll instantly see a return on that endeavor by not having to always seek out your ISP's DNS servers (which can be down, slow, under attack, whatever) for name resolution.
Then, configure your internal DHCP or IP configurations to use your interna
Speed is not a reason (Score:2)
Re:Speed is not a reason (Score:5, Informative)
When your new ttl has propagated to everyone, you can make your changes, which will apply in 5 minutes, then restore the old ttl.
These sorts of changes are not as easy to make with an external DNS provider, though they can be done.
Re:Speed is not a reason (Score:2)
Unfortunately many large ISPs ignore the TTL field and update on their own schedule. The result will still be up to a week to update the DNS.
Re:Speed is not a reason (Score:2)
Re:Speed is not a reason (Score:2)
Re:Speed is not a reason (Score:1)
run your own primary DNS with an off-site 2ndary (Score:5, Informative)
You need a secondary DNS in case your site is cutoff from the net (backhoe cuts your cable), or if your ISP has routing/service problems, or if you suffer a loss of power for an extended period of time.
Loss of DNS service is more than people simply not being able to reach your site, loss of DNS service means EMail bounces (servers return EMail if they can no longer resolve your domain). Loss of DNS service means that web browsers tell your customers that you do not exist instead of simply telling them that you are down / not responding.
You want a secondary DNS that is located "elsewhere". You want it far enough away that a single regional disaster (power outages, floods, earthquakes, etc.) does not take out both your primary DNS and your secondary DNS. You want your secondary DNS to have a distinct set of service providers to increase the chance that sites will be able to resolve your domain if the regional network is partitioned.
Run your own primary DNS. Make it a non-caching, non-forwarding, static, only answers queries for the domains it is authoritative. Then pick 1+ secondary DNS services that will slave off of your DNS master keeping in mind the points raised above.
One example of a secondary DNS Service is BackupDNS [backupdns.com]. They are inexpensive: Secondary DNS hosting your 150 domains would cost $28.50 US per month ($0.19 US per zone per month). They let you be in full control of your DNS service: Their site lets you add new zones, update (purge your zone on their servers and then force a reload) or remove zones on the fly. They will be a backup MX site if you like. They can even grok TSIG to improve the security of zone transfers. The BackupDNS [backupdns.com] folks are clueful, efficient, reliable and (unlike NetSol/Verisign) non-evil. I'm sure there are other secondary DNS Services that are both clueful and inexpensive. I mention these folks because we have had years of flawless secondary DNS service from them.
To sum it all up: Run a primary DNS to maximize the control and flexibility over your own domains. Use a clueful off-site secondary DNS service to maximize the chance that others will be able to resolve your domain.
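An added example (not part of the post above or of any tool it names): a small Python audit of the two failure modes this thread keeps returning to, nameservers that share one network and a secondary that is still serving an old serial. The server names, addresses and serials are constructed sample data, and treating a shared /24 as "same network" is an assumed heuristic.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: the answers you would get by asking each listed
# nameserver for the zone's SOA. Names and addresses are placeholders.
SAMPLE = [
    {"ns": "ns1.example.com", "ip": "192.0.2.10", "serial": 2003051502},
    {"ns": "ns2.example.com", "ip": "192.0.2.77", "serial": 2003051502},
    {"ns": "ns.backup.example.net", "ip": "198.51.100.5", "serial": 2003051401},
]

def serial_newer(a, b):
    """RFC 1982 serial arithmetic: True if a is newer than b, modulo 2**32."""
    return a != b and (a - b) % 2**32 < 2**31

def shared_prefixes(servers, v4_len=24, v6_len=48):
    """Group servers by covering prefix; return prefixes holding more than one.

    Assumption: sharing a /24 (or /48 for IPv6) means sharing an uplink.
    Different prefixes do not prove different providers, so a clean
    result is necessary, not sufficient.
    """
    groups = defaultdict(list)
    for s in servers:
        addr = ipaddress.ip_address(s["ip"])
        plen = v4_len if addr.version == 4 else v6_len
        net = ipaddress.ip_network(f"{addr}/{plen}", strict=False)
        groups[str(net)].append(s["ns"])
    return {net: names for net, names in groups.items() if len(names) > 1}

def stale_servers(servers):
    """Return (names still serving an older serial, newest serial seen)."""
    if not servers:
        return [], None
    newest = servers[0]["serial"]
    for s in servers[1:]:
        if serial_newer(s["serial"], newest):
            newest = s["serial"]
    return [s["ns"] for s in servers if s["serial"] != newest], newest

def audit(servers):
    """Collect human-readable findings for one zone's nameserver set."""
    findings = []
    if len(servers) < 2:
        findings.append("only one nameserver listed")
    for net, names in shared_prefixes(servers).items():
        findings.append(f"same network {net}: {', '.join(names)}")
    stale, newest = stale_servers(servers)
    for name in stale:
        findings.append(f"{name} has not picked up serial {newest}")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

The serial comparison wraps at 2**32, so a zone whose serial has rolled over is still ordered correctly.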
Re:run your own primary DNS with an off-site 2ndar (Score:2)
Two very good public DNS services that will act as secondary for you:
They'll also act as primary, dynamic, etc. Both free, but of course they take donations! :)
Re:run your own primary DNS with an off-site 2ndar (Score:2)
Re:run your own primary DNS with an off-site 2ndar (Score:2)
Usually, MUAs just pass mail off to the ISP's MTA. Did you mean to say MTA? I have not tested the behavior of MTAs in the event of various types of network failures and
Host Your Own (Score:2)
1) I don't ever have to rely on someone else's DNS listing being accurate OR up
2) I can make changes and they are immediately propagated to my entire LAN
3) ability to prevent man-in-the-middle attacks
Malachi
Use IPs instead (Score:1, Funny)
Re:Use IPs instead (Score:1)
Re:Use IPs instead (Score:1)
You have to be joking me. You can easily put each site in its own subdirectory and host as many sites as you want. I mean I meant my post as a joke, but come on it could work if you really wanted it to.
The real reason to use dns isn't the fancy names, it is the location transparency the domain name offers. You can change IPs whenever you want (accounting for the delays in DNS propagation of course), and all you have to do is make the dns entry point to the new IP.
Re:Use IPs instead (Score:1)
Re:Use IPs instead (Score:2)
OpenNic (Score:2)
One big advantage is you can set your root servers to something other than the Verisign monopoly. For your users then you can transparently connect to those weird sites that don't end in .com. Not helpful if you are only hosting websites, but if you have users using your server it is important.
Other outsourced DNS services (Score:2)
FREE
http://www.everydns.net/
http://www.dynd
For pay
http://www.easydns.com/dnsmanage.php3
http:
SRV (Score:2)
will let you do DDNS, SRV records, or dynamic SRV.
DIY (Score:2)
Now Register.com offers DNS with domains registered thro
Only way to go (Score:1)
Do it, it's easy (Score:2)
You control your own DNS, you can control all the sub-domains for free, manage them however and whenever you want, and I think the lag time is smaller from when you make the change and when it actually works (probably not, but you could tell your boss that... time is money, after all.... right?)
The only problem I can see is getting someone to manage the 150+ domains. But if your current staff is capable, then I s
I use Network Solutions now. (Score:2)
I started out doing my own DNS. I wanted the flexibility and complete control of running it myself. After diligently updating bind versions for a long time, I missed one. A 1337 h4x0r quickly exploited my system. Luckily, he was dumb enough to reboot the box, and broadcasted a message saying "you are owned". Yup, time for an OS re-install.
I tried a cheap DNS hosting
Another option: running a stealth primary... (Score:2)
Another option that hasn't been fully covered in this thread is the notion of running a stealth primary.
We have a lot of users who run a primary nameserver but never list it as an authoritative nameserver in the DNS. Then they use someone (yes, like us, or anyone...) to pull secondary from them.
This way they control their zone and TTLs but if they are running their nameserver off one machine or a DSL line or something and it goes down all of their DNS servers are still operating and serving data.
It's a
DYNDNS and other free dns hosting are unreliable (Score:1)
How about using EveryDNS... (Score:1)
There are others like Zoneedit but EveryDNS is free or donation based. I've not had a single problem with any of the domains I have with them.