Slashdot Mirror


What are the Benefits of Running Your Own DNS?

baileyjs asks: "I help run a small web development firm, and we are always trying to save money, but not at the cost of service to our customers. We currently purchase DNS services from our ISP, but are looking at getting our own rack. I was going to put some DNS servers there when I saw that Network Solutions offers free DNS. All of our domains (about 150) are currently on Network Solutions, so transfer is not an issue. Why shouldn't I use Network Solutions? Why should I build my own? What reasons, besides 'Network Solutions is Evil', can I give my boss?"

21 of 98 comments

  1. Speed of Service by Saac · · Score: 4, Informative

    I don't know how good customer service is at Network Solutions, but our ISP was taking over 24 hours to process our change requests. This was unacceptable to us. So we roll our own.

    The downside is that you have to make sure these machines are secure, hence there is an overhead to it all.

  2. Do Both by linuxwrangler · · Score: 4, Informative

    I'm actually moving the other way - toward hosted DNS. This is especially important if you only have one data line - dual DNS is useless if both servers are on the same connection (just ask Microsoft - that's why they ended up outsourcing theirs a couple of years ago after a big DNS problem).

    But sometimes it's great to be able to do quick changes for test/development and such so you can either delegate a sub-domain that you run internally or you can set up a test/dev domain and run your own DNS for that one.

    --

    ~~~~~~~
    "You are not remembered for doing what is expected of you." - Atul Chitnis
    1. Re:Do Both by vlm · · Score: 3, Informative

      Except that email sent to you will bounce with a message similar to:
      "no MX record exists"
      whereas if your DNS was up while your mailserver was unreachable, the sending mailserver would spool the message and retry at various intervals until it went thru, with no error messages generated.

      This is another one of those "ask slashdot" questions that summarize to, read the O'Reilly book...

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    2. Re:Do Both by Bitsy Boffin · · Score: 2, Informative


      This is especially important if you only have one data line - dual DNS is useless if both servers are on the same connection

      secondary.org provides free secondary DNS for anybody who wants it. I have them as secondary on a couple of domains I host on my cable and it's all good.

      --
      NZ Electronics Enthusiasts: Check out my Trade Me Listings
  3. Use dyndns by Anonymous Coward · · Score: 2, Informative

    DYNDNS

    Instant changes

  4. 'Instant' Changes by stu42j · · Score: 2, Informative

    One of the advantages of having your own DNS servers is that you can reload the master server whenever you make changes to your zone files. IOW, changes are pretty much instant instead of the 24-48 hours common with other providers.

    Of course there are other issues that will delay the propagation of your changes but with things like adding a new subdomain there is no delay. (Always be sure to increment your serial! :)

    The other reason we use our own DNS is so that additions can be automatically handled through a simple server script rather than using a web form.
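
The scripted zone update described in this comment, as an added example that is not from the thread or any commenter: it appends an A record and bumps the SOA serial in one step, validating the input first so a form field cannot inject extra records. The zone contents, function names and the YYYYMMDDnn serial convention are assumptions.

```python
import ipaddress
import re
from datetime import date

# Constructed sample zone in BIND master-file syntax (not from the thread).
SAMPLE_ZONE = """\
$TTL 86400
@   IN SOA ns1.example.com. hostmaster.example.com. (
        2004010101 ; serial
        3600       ; refresh
        900        ; retry
        604800     ; expire
        86400 )    ; minimum
    IN NS ns1.example.com.
www IN A  192.0.2.10
"""

SOA_SERIAL = re.compile(r"\bSOA\b[^()]*\(\s*(\d+)")
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")

def next_serial(current: int, today: date) -> int:
    """Next YYYYMMDDnn serial; always strictly greater than current."""
    base = int(today.strftime("%Y%m%d")) * 100
    return base if current < base else current + 1

def add_a_record(zone: str, label: str, addr: str, today: date) -> str:
    """Append 'label IN A addr' and bump the SOA serial in one step."""
    # Reject anything that is not a single DNS label, so input from a
    # form or script cannot smuggle extra lines into the zone file.
    if not LABEL.fullmatch(label):
        raise ValueError(f"invalid label: {label!r}")
    ip = ipaddress.IPv4Address(addr)  # raises ValueError on bad input
    m = SOA_SERIAL.search(zone)
    if m is None:
        raise ValueError("no SOA serial found")
    serial = next_serial(int(m.group(1)), today)
    zone = zone[:m.start(1)] + str(serial) + zone[m.end(1):]
    return zone.rstrip("\n") + f"\n{label} IN A {ip}\n"

if __name__ == "__main__":
    print(add_a_record(SAMPLE_ZONE, "staging", "192.0.2.20", date(2004, 1, 1)))
```
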

  5. Netsol costs more. by Inoshiro · · Score: 4, Interesting

    For a pithy 150 domains, set up TinyDNS. It takes about 20 minutes to download/compile/install. There are plenty of helpful guides to setting up the software.

    If you are unsure about the format, use a zone-xfer to get them to TinyDNS format. Then your DNS is 100% under your control (easy updating!), cost effective (TinyDNS needs no maintenance), and has a light impact on the server (usually 1 second of CPU time for every few days + a few hundred kb of HD space). On top of that, you can transfer your registrations to an alternative registrar (like Joker) which would be cheaper in the long run.

    --
    --
    Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
    1. Re:Netsol costs more. by metalmaniac1759 · · Score: 3, Insightful

      I agree with you. I am administering a DNS server for my univ and it so happened that even before I could get my hands on BIND I was introduced to TinyDNS by some holy soul. Installing and configuring it is a cakewalk.

      Then someday I had to configure BIND. I went crazy. It's got so many unnecessary things that you need to look into....

      TinyDNS rocks.

      Nandz.

    2. Re:Netsol costs more. by TaraByte · · Score: 2, Informative

      http://djbdnsrocks.com/ is another great resource

      --
      Security is inversely proportional to the commitment of one desiring to circumvent it.
  6. vendor independence by crow · · Score: 2, Informative

    Network Solutions may be evil. Network Solutions is expensive. If you decide to rely on them for DNS, then you are installing yet another obstacle stopping you from switching to a different registration service.

    On the other hand, many other registration services also offer included DNS, so it's not that big of a deal.

    Personally, I would probably use the "free" service that you already overpaid for. I would also switch to a less expensive company for future registrations and renewals.

  7. Remember backup DNS. by MindStalker · · Score: 3, Interesting

    I'd recommend you set up your own DNS and use network solutions as the backup DNS.
    Remember that the backup DNS really shouldn't be geographically located near the primary. Even though 9/10 they are on the same network sadly.

    1. Re:Remember backup DNS. by DA-MAN · · Score: 3, Informative

      Remember that the backup DNS really shouldn't be geographically located near the primary. Even though 9/10 they are on the same network sadly.

      Yes, it would be terrible if your network is down and people weren't able to resolve your hostnames in order to connect to your web servers which are also down. Really, what's the point of that unless you have multiple geographically diverse webservers as well?


      The Web is not the internet, when will people get this? It's very cheap to pay a hosting company a monthly fee to provide a backup mail server to spool when your primary is down. Secondary NS's should be available if the primary goes down if just to keep mail working properly.

      In addition, there are many free services out there like GraniteCanyon that will host your secondary ns for free. So there really isn't a reason to do it wrong.

      --
      Can I get an eye poke?
      Dog House Forum
  8. Control, speed, and more. by toygeek · · Score: 2, Informative

    I currently work for a web hosting firm where we run our own DNS of course. It's not without its problems, for sure. But as long as you know what you're doing, or know where to go for help, it's pretty easy and worth doing.

    I run my own DNS for my personal server, so that I can make changes and they are instant to me, since I configured my Winders XP box to reference my server for DNS.

    There are lots of neat things you can do by running your own but personally I like it because you can run hundreds of domains off of one small box that has some decent memory in it, and it won't go down unless there is hardware failure.

    So, in my opinion, if you have the resources, then there is no reason NOT to. Go for it!

  9. We used to host our own... by Talonius · · Score: 2, Informative

    ...until it just plain became a huge PITA with little return.

    I can't think of a reason to host your own corporate DNS. For personal DNS - i.e. you browsing the web, etc., you can control timeouts and your queries are processed much faster - but for corporate DNS, outsource it.

    Be afraid of free though. Free generally means no guarantee. Of course NetSol hosts one of the root servers so I guess you'd expect their data lines to be fairly redundant.

    We currently use UltraDNS (http://www.ultradns.net). They've been fantastic and have a terrific interface for making changes. Requires some knowledge but we've *never* had a DNS problem since switching two years ago.

    --T

    --
    My reality check bounced.
    1. Re:We used to host our own... by RedHat Rocky · · Score: 2, Insightful

      Thanks to BINDisms, the question has to be asked: what component of DNS are you talking about?

      Authoritative server: ie, answering queries for domains you control. The arguments for keeping this in-house are the same as any other mission critical service, not worth restating. If your company outsources critical functions, might as well outsource auth DNS as well.

      Caching server: ie, collecting answers to queries for clients. This is an overlooked critical piece, IMO. Cache poisoning is a real security risk, better you rely on your own cache than your ISP's. And better if that cache is dnscache of the djbdns tools rather than BIND.

      --
      Anything is possible given time and money.
  10. Benefits of hosting DNS by mnmn · · Score: 3, Interesting

    For one, you can have as many lines and zones as you want. Which means you can have many subdomains and many subsubdomains. Hosting providers usually put a cap, and I've seen some caps are horrific (only 5 subdomains).

    I am hosting 7 domains, and 2 of the domains have 20 subdomains each. A friend on a different ISP hosts my secondary and I host his. Quite honestly, with a static IP, you don't really need DNS services at all, unless you're virtualhosting, in which case self-hosting DNS is best since you send out zones once, and just leave it there. They only change when you edit the zones.

    Running BIND on a static IP server and not changing anything has low overhead, and it doesn't take much skill or time. However if you're only hosting 2 domains, not too many subdomains, usually the hosting providers offer a basic DNS service for free. Might as well use that till you hit their cap.

    --
    "Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
  11. Markup and clueless clients by georgewad · · Score: 2, Informative

    We have many technically clueless clients. We provide DNS and domain registration for them at a slight markup and small monthly expense. They think they're getting a huge bargain and it takes us almost no time and resources. Our colo provider and office ISP (different companies) both provide secondary for free, so we have servers on different nets. A win for everybody.

    --
    Karma: It's not just a good idea. It's the law.
  12. Advantages by 4of12 · · Score: 2, Funny

    The possibilities are limitless.

    Imagine having the ability to provide your customers with customized pointers to mycompetitor.com

    You can point them to your own range of services, or to a clumsy-looking buck-toothed site "Doh! We're dorks!".

    And that doesn't even begin to enumerate the lucrative possibilities of being a window to various on-line casinos and to paypal...

    --
    "Provided by the management for your protection."
  13. Re:Speed is not a reason by Webmonger · · Score: 4, Informative

    DNS caching is configurable. If you know changes are coming soon, you can change your time-to-live (ttl) to 5 minutes.

    When your new ttl has propagated to everyone, you can make your changes, which will apply in 5 minutes, then restore the old ttl.

    These sorts of changes are not as easy to make with an external DNS provider, though they can be done.

  14. run your own primary DNS with an off-site 2ndary by chongo · · Score: 5, Informative

    Hosting your own DNS server allows you to have full control and maximum flexibility over your domains. But don't forget that you need an off-site secondary DNS server as well!

    You need a secondary DNS in case your site is cut off from the net (backhoe cuts your cable), or if your ISP has routing/service problems, or if you suffer a loss of power for an extended period of time.

    Loss of DNS service is more than people simply not being able to reach your site, loss of DNS service means EMail bounces (servers return EMail if they can no longer resolve your domain). Loss of DNS service means that web browsers tell your customers that you do not exist instead of simply telling them that you are down / not responding.

    You want a secondary DNS that is located "elsewhere". You want it far enough away that a single regional disaster (power outages, floods, earthquakes, etc.) does not take out both your primary DNS and your secondary DNS. You want your secondary DNS to have a distinct set of service providers to increase the chance that sites will be able to resolve your domain if the regional network is partitioned.

    Run your own primary DNS. Make it a non-caching, non-forwarding, static server that only answers queries for the domains for which it is authoritative. Then pick 1+ secondary DNS services that will slave off of your DNS master keeping in mind the points raised above.

    One example of a secondary DNS Service is BackupDNS. They are inexpensive: Secondary DNS hosting your 150 domains would cost $28.50 US per month ($0.19 US per zone per month). They let you be in full control of your DNS service: Their site lets you add new zones, update (purge your zone on their servers and then force a reload) or remove zones on the fly. They will be a backup MX site if you like. They can even grok TSIG to improve the security of zone transfers. The BackupDNS folks are clueful, efficient, reliable and (unlike NetSol/Verisign) non-evil. I'm sure there are other secondary DNS Services that are both clueful and inexpensive. I mention these folks because we have had years of flawless secondary DNS service from them.

    To sum it all up: Run a primary DNS to maximize the control and flexibility over your own domains. Use a clueful off-site secondary DNS service to maximize the chance that others will be able to resolve your domain.

    --
    chongo (was here) /\oo/\
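
The off-site secondary advice in this thread can be checked mechanically. This added example (not from any commenter) flags a zone whose nameservers all sit in one IPv4 /24, used here as a rough stand-in for "same connection", and secondaries whose SOA serial lags the primary under RFC 1982 serial arithmetic; the names, addresses and serials are constructed sample data.

```python
import ipaddress

def serial_lt(a: int, b: int) -> bool:
    """RFC 1982 comparison of 32-bit SOA serials: True if a is older than b."""
    return a != b and (b - a) % 2**32 < 2**31

def audit_zone(ns_records: dict, primary: str) -> list:
    """ns_records maps NS name -> (IPv4 address, SOA serial seen on that NS)."""
    findings = []
    # Assumption: sharing a /24 approximates "same network"; a real audit
    # would compare upstream providers or origin ASNs instead.
    nets = {ipaddress.ip_network(f"{ip}/24", strict=False)
            for ip, _ in ns_records.values()}
    if len(ns_records) < 2:
        findings.append("only one nameserver")
    elif len(nets) == 1:
        findings.append(f"all nameservers in {next(iter(nets))}")
    primary_serial = ns_records[primary][1]
    for name, (_, serial) in sorted(ns_records.items()):
        if name != primary and serial_lt(serial, primary_serial):
            findings.append(f"{name} lags primary: {serial} < {primary_serial}")
    return findings

# Constructed observations, e.g. what an SOA query to each server returned.
SAME_NET = {
    "ns1.example.com.": ("192.0.2.1", 2004010102),
    "ns2.example.com.": ("192.0.2.2", 2004010101),
}
DIVERSE = {
    "ns1.example.com.": ("192.0.2.1", 2004010102),
    "ns2.example.net.": ("198.51.100.7", 2004010102),
}

if __name__ == "__main__":
    for zone in (SAME_NET, DIVERSE):
        print(audit_zone(zone, "ns1.example.com.") or "ok")
```
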
  15. Re:Home DNS? by sd3 · · Score: 2, Interesting

    I started running DNS at home when all I had was a desktop PC and a dialup PPP connection. To tell the truth, I forget exactly why I felt it necessary to start running it, but now that there are (ahem) considerably more than one computer in the house, DNS is indispensable. You asked about benefits?

    • Only have to maintain one set of name tables, not N copies of a hosts file (even with two machines it gets annoying)
    • Makes internal DHCP a lot easier for about the same reason
    • Can carve out your own section of a (resolvable) domain if e.g. you work from home and want to send professional email through your ISP without everything going out as ...@comcast.net.
    • Feeling of control? Makes it very easy to change or assign multiple names to the same host to better indicate its function? (e.g. host named "squid" and "proxy" as well as its actual hostname)

    I installed on Debian 1.2 back in the day and it was pretty trivial. Did it more recently on OpenBSD 3.2 and still trivial. The only thing you have to do, unless you want to actually learn the gory details of BIND, is to start with a skeleton zone/reverse-lookup file and fill it out from there. As I recall, Debian's was very easy to modify.

    In a similar vein I also recommend running squid locally and surfing through it. Yes I know your browser is so au courant and caches everything but squid presents a consistent, persistent(ish) cache in case you need to serve multiple browsers.