Tuesday, December 1, 2015

domain name system - DNS Question: Run own server, use registrar's, or 3rd party company?



I was wondering... what's the best place to host DNS at? For quick propagation, security, etc.?



I always hosted DNS on my own server... which gave me a lot of control... but hosting DNS on the same box as HTTP is never a good practice. What are the advantages of using the domain registrar's DNS and simply pointing the A record to your IP? What about those commercial DNS hosting companies that charge ~$35/year for it? Are they worth it?


Answer



I can tell you reasons for and against, from my point of view.




First, I run my own servers. Why I do this is both for professional reasons (I write DNS software for a living) and historically geeky ones. I used to love running my own stuff, doing what I wanted with it, and spending hours a day tweaking this or coding up that.



The reasons you might want to run your own as well are many, and you touched upon a few big ones: If you run your own, you have full control, full knowledge that what you put in is what you get out, and no one to fight with on the phone when it breaks.



The reasons against it are: you are all on your own if it breaks, you have to deal with any upgrades of software needed, and you have to understand zone files and other bits.



Now, if you choose to have someone else host it, I would look into these things. Remember, this is somewhat geeky -- many won't care about some of these features, but I would.




  • Do they support DNSSEC? If not, will they soon? There are a myriad of other questions to ask here, like will it cost more to use DNSSEC? How are keys handled?


  • Do they serve over IPv6? If not, will they soon?

  • How much control do you have over your zone? Suppose you want to add an "unusual" record, can you?

  • How geographically distributed are their systems?

  • How much does their editing UI suck? It will, probably. Just how much is the question.

  • Can you update via dynamic DNS?



I finally chose to run my own server, but have someone else actually serve my zones to the public. sns.isc.org pulls from my servers, so I maintain all the content, just don't have to worry about the big headaches.
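The arrangement in the last paragraph of the answer (own server holds the content, a third party serves it publicly) is usually called a hidden primary. The BIND `named.conf` sketch below is an added example, not the answerer's configuration: the zone name, the documentation-range addresses standing in for the provider's transfer hosts, the key name, and the assumption that the provider accepts TSIG-signed transfers are all placeholders.

```conf
// Hidden primary: this server holds the zone content; a third party's
// public secondaries pull it by zone transfer and answer the world.
// Every name, address and secret below is a placeholder (assumption).

key "xfer-example" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   // e.g. generated with tsig-keygen
};

// Sign traffic to the provider's transfer hosts with the shared key.
server 192.0.2.53   { keys { "xfer-example"; }; };
server 2001:db8::53 { keys { "xfer-example"; }; };

options {
    recursion no;                  // authoritative only, never a resolver
    allow-transfer { none; };      // default deny; opened per zone below
    notify explicit;               // NOTIFY only the also-notify list
};

zone "example.com" {
    type primary;                  // older BIND releases spell this "master"
    file "zones/example.com.db";

    // Only a holder of the TSIG key may AXFR/IXFR the zone; an open
    // allow-transfer would let anyone dump the full zone contents.
    allow-transfer { key "xfer-example"; };

    // Tell the provider's hosts when the serial changes so they pull promptly.
    also-notify { 192.0.2.53; 2001:db8::53; };
};
```

The zone's NS records and the registrar delegation list only the provider's public nameservers, and the primary's firewall admits port 53 (TCP and UDP) only from the transfer hosts, so the box holding the content is never queried directly.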

