DNS only account

wdv

Hi,

I think it would be a nice feature if support were added for a "DNS only" account, so you can let the user add domains and let him change his DNS records (so no other services like webhosting/e-mail).
 
As it stands now there isn't enough flexibility in the DNS control panel to offer a DNS service.

For example, you can't use the panel to set up multiple MX records to multiple email servers.

And there's another problem with hosting DNS: lots of clients, lots of changes, a reload of bind each time a single line is changed, and a lot of downtime. So DNS hosting really requires a master-slave solution, or even better, a solution where the changes don't get made until "commit time".

We've been hosting DNS (for single domains to hundreds of domains per client) for almost six years, and we've been using scripts running on Cobalt RaQs, manipulating the Cobalt-specific "records" file, which Cobalt-included scripts turn into zone files.

As the Cobalt RaQs have all reached EOL, we're currently investigating other solutions, but being a DNS provider isn't quite the "easy money" it looks like at first.

For example, our reverse DNS (in only one of our data centers) has been causing problems with mail to Verizon.net accounts for several days now, but it appears to be "by the book".

The good news is the reverse DNS in our other data center appears to be doing everything fine. Since the two data centers use different DNS servers we're attempting to get a handle on the situation by looking at the differences between how the two centers' reverse DNS is handled, but they use different DNS software as well.

Jeff
 
Currently I use PowerDNS (as I don't use DirectAdmin as of yet) which doesn't need to reload!

The problem is you can't run PowerDNS and bind together :(
 
The PowerDNS website says it doesn't need to reload because it reads each time from the database.

Sounds good but I'm not sure I'd trust it to keep up with DNS requests handling DNS for hundreds to thousands of very active sites.

According to its documentation (see: http://www.powerdns.com/products/powerdns/index.php), it's an authoritative-only nameserver, and that's good, but it's not what most of us have gotten used to. True we've been lazy, but it means we can't point our servers (not even the one it runs on) to our own nameserver for resolution of other sites.

For those of us who want full control over our nameserver, that means we'd have to run another nameserver as well, for recursive queries.

I've just read their documentation on master/slave configuration twice, and I'm still not sure I understand it, but it looks as if using PowerDNS might be a problem if you rely on an external slave (which might not be running PowerDNS) for redundant DNS service.

Can you help me with understanding the master/slave issue? PowerDNS looks like something I'll want to investigate further.

You probably could run them together but you'd have to build your own software to listen on UDP port 53 (as xinetd and inetd listen for TCP/IP on other ports), look up the domain in a database to see if it's a domain for which you're authoritative (it could do a lookup on the same database PowerDNS uses), and then pass on the request (again as xinetd and inetd do) to either Bind or PowerDNS, depending on the response from the database, but to a different port.

Of course you'd have to tweak both Bind and PowerDNS to listen internally on other ports besides port 53.

Not sure I'd want to go through all the work :) .

It looks like interesting software; I'd like to learn more about it.

Jeff
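
The dispatcher described in the post above, sketched as an added example (not code from the thread or from either project): it reads the query name from each UDP packet, checks it against the hosted zones, and relays to PowerDNS or BIND on an internal port. The port numbers, the `AUTH_ZONES` set standing in for the database lookup, and all function names are assumptions.

```python
import socket
import struct

# Assumed internal ports: both daemons are moved off port 53, as the post describes.
POWERDNS = ("127.0.0.1", 5300)  # authoritative backend (hypothetical port)
BIND = ("127.0.0.1", 5353)      # recursive backend (hypothetical port)
AUTH_ZONES = {"example.com", "example.net"}  # constructed stand-in for the database

def parse_qname(packet: bytes) -> str:
    """Return the lower-cased name from the first question of a DNS query."""
    if len(packet) < 13 or packet[4:6] == b"\x00\x00":
        raise ValueError("no question section")
    labels, pos = [], 12  # the question starts after the 12-byte header
    while packet[pos]:
        length = packet[pos]
        # length > 63 is a compression pointer, which a query name must not use
        if length > 63 or pos + 1 + length >= len(packet):
            raise ValueError("malformed name")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii", "replace").lower())
        pos += 1 + length
    return ".".join(labels)

def pick_backend(qname: str, zones=AUTH_ZONES):
    """Names in or under a hosted zone go to PowerDNS; everything else to BIND."""
    parts = qname.split(".")
    hosted = any(".".join(parts[i:]) in zones for i in range(len(parts)))
    return POWERDNS if hosted else BIND

def build_query(name: str, qid: int = 0x1234) -> bytes:
    """Constructed sample input: a minimal A/IN query for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    body = b"".join(bytes([len(lab)]) + lab.encode() for lab in name.split("."))
    return header + body + b"\x00" + struct.pack("!HH", 1, 1)

def serve(bind_addr=("0.0.0.0", 53)):
    """Single-threaded UDP relay: one query, one backend, one answer."""
    front = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    front.bind(bind_addr)
    while True:
        query, client = front.recvfrom(4096)
        try:
            backend = pick_backend(parse_qname(query))
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as up:
                up.settimeout(2.0)
                up.connect(backend)  # connected socket ignores other senders
                up.send(query)
                front.sendto(up.recv(4096), client)
        except (ValueError, OSError):
            continue  # drop malformed queries and backend timeouts
```

Matching is done on whole labels, so `notexample.com` is not treated as part of `example.com`. Restricting which clients may reach the recursive backend is left to BIND's own access controls.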
 
jlasman said:
> The PowerDNS website says it doesn't need to reload because it reads each time from the database.
>
> Sounds good but I'm not sure I'd trust it to keep up with DNS requests handling DNS for hundreds to thousands of very active sites.

As far as I know it also caches (for about 30 seconds or so? So many lookups don't mean many queries).

> According to its documentation (see: http://www.powerdns.com/products/powerdns/index.php), it's an authoritative-only nameserver, and that's good, but it's not what most of us have gotten used to. True we've been lazy, but it means we can't point our servers (not even the one it runs on) to our own nameserver for resolution of other sites.
>
> For those of us who want full control over our nameserver, that means we'd have to run another nameserver as well, for recursive queries.

That's not really a big problem.

> I've just read their documentation on master/slave configuration twice, and I'm still not sure I understand it, but it looks as if using PowerDNS might be a problem if you rely on an external slave (which might not be running PowerDNS) for redundant DNS service.
>
> Can you help me with understanding the master/slave issue? PowerDNS looks like something I'll want to investigate further.

Master/slave functionality is actually one of the best things of PowerDNS! Especially PowerDNS<->PowerDNS has some really cool functions, but PowerDNS-OtherDNS works fine too.

> You probably could run them together but you'd have to build your own software to listen on UDP port 53 (as xinetd and inetd listen for TCP/IP on other ports), look up the domain in a database to see if it's a domain for which you're authoritative (it could do a lookup on the same database PowerDNS uses), and then pass on the request (again as xinetd and inetd do) to either Bind or PowerDNS, depending on the response from the database, but to a different port.
>
> Of course you'd have to tweak both Bind and PowerDNS to listen internally on other ports besides port 53.

That sounds really difficult, will investigate it.

> Not sure I'd want to go through all the work :) .
>
> It looks like interesting software; I'd like to learn more about it.

It's some real cool next-generation software.
 