Slashdot Mirror

← Back to Stories (view on slashdot.org)

Best DNS Service With API Access?

Posted by samzenpus on from the free-advice dept.

netaustin writes "My company runs quite a few media websites, mostly on Drupal, and about half on ec2. We have a good server setup with ec2 which allows us to route requests through Pound, a cluster of Varnish servers, then a cluster of Apache servers. We manage 50 domains (one per state) like this. Problem is, anytime things change, we have to manually adjust DNS for all 50 states, which is very boring and usually causes negative side effects too as we can't ever adjust all 50 DNS entries at once. We'd like to just change DNS providers and be done with it, but there are a lot of options, and I don't often shop for DNS services. I use EveryDNS for my personal domains, but I don't think they provide an API and it'd feel a little dishonest to reverse engineer the forms on their site since they're an esteemed donations-based service. I wouldn't feel bad about doing that to DNSPark, but they have a CAPTCHA image accompanying their login form, so goodbye DNSPark. I found a couple services that seem to do what I'm looking for, but they both feel a bit Microsoft-y and since I only want to change once, I want to get this right. Advice?"

23 of 221 comments (clear)

  1. DynDNS by rho · · Score: 5, Informative

    DynDNS.

    That was easy.

    --
    Potato chips are a by-yourself food.
    1. Re:DynDNS by crush · · Score: 5, Informative

      Yeah. One of the most reliable and ethical operators in the business.

      This seems like an appropriate link.

    2. Re:DynDNS by oskard · · Score: 4, Informative

      Also be sure to check out Dynect!

      DynDNS also offers another service, more business class. It has a MUCH more robust API, offers Failover, Load Balancing, Anycast, etc. Multiple users, node-based permissions. 37Signals, Mozilla, and RackSpace use Dynect. Highly recommended, give them a call!

      http://dynect.com/technology/developers.html

      http://dynect.com/features/api.html

      --
      Sigs are for Terrorists.
    3. Re:DynDNS by rho · · Score: 5, Informative

      Yeah. One of the most reliable and ethical operators in the business.

      This should be emphasized. DynDNS is both reliable and ethical, and have been for a long time. Indeed, since before they went commercial. When they were non-com, you could get unlimited custom DNS services for a $30 donation. Guess what? When they went commercial they honored that pledge. I still have a number of "never expires" services because of this.

      Seriously, it's not worth dicking around with DNS. Get it done right the first time.

      --
      Potato chips are a by-yourself food.
    4. Re:DynDNS by wr0ngway · · Score: 1, Informative

      Last time I checked dyndns strictly forbid using a bot to scrape and do a form submission, which is your only option with them if you want to do any more than basic IP->Host mapping. I've had very good luck with nettica - they have a complete SOAP API for all aspects of DNS entry manipulation. I wrote a ruby gem for this api so I could use it from within my rails/ec2 deployment framework

  2. Run your own dns servers .... try powerdns by brainchill · · Score: 3, Informative

    It sounds like it's time to run your own dns servers. For what you're trying to do I recommend powerdns with either a mysql or postgres backend. You can do massive updates with regular sql update syntax very quickly and anything that can talk mysql can update it ... perl, php, ruby, etc ... you name it.

    1. Re:Run your own dns servers .... try powerdns by abigor · · Score: 3, Informative

      If you indeed do need to run your own dns servers, then I second the PowerDNS recommendation. Having a proper sql backend is just paradise compared to the flat files of, uh, a certain other dns server that should be killed off. It's also worth noting that PowerDNS splits the authoritative server and the recursor into two separate daemons, which is quite a nifty idea.

    2. Re:Run your own dns servers .... try powerdns by Lennie · · Score: 3, Informative

      It's not nifty to split authoritative and recursive, it's sane (security).

      --
      New things are always on the horizon
  3. EveryDNS or NearlyFreeSpeech.net by Anonymous Coward · · Score: 1, Informative

    EveryDNS provides a "secondary DNS" service. If you can set up your own primary server, EveryDNS will clone it.

    NearlyFreeSpeech.net has an API to control DNS records.

  4. Re:Run a master? by Anonymous Coward · · Score: 2, Informative

    If you don't mind running your own master DNS server like this poster recommends, DNS Made Easy has a very cheap and very redundant IP anycast based DNS service that we use for all corporate sites. For dollars a month you could have access to their nameservers, which run all over the world. Other services offer similar enterprise DNS functionality, but comparing performance with price, we haven't been able to find a better deal yet.

  5. ZoneEdit by bziman · · Score: 3, Informative

    I've been using ZoneEdit for years and they're great. Free for small domains, and really cheap for huge domains. It never, ever breaks. And it's super easy to work with.

  6. Re:FreeDNS by almightynayr · · Score: 3, Informative

    afraid.org will do everything he wants and then some, been using them for over 5 years now with no problems. check it out

  7. Re:Run a master? by Charles+Dodgeson · · Score: 5, Informative

    Me, too. (That means "mod parent up")

    You can use DNSpark (whom I use) or other providers as slaves. Your master doesn't even need to be publicly accessible, just as long as you allow the appropriate zone transfers. This way you can have your own little scripts that generate the zone files on a host you fully control, while having the world query those professionally managed servers.

    --
    Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
  8. Run your own servers. by ScytheBlade1 · · Score: 2, Informative

    1) Install and DNS server that supports what is technically called 'dynamic updates' and make sure that the updates can be authorized by keys. This server will be internal.

    2) man nsupdate
    Here, I'll even do this step for you: http://linux.die.net/man/8/nsupdate

    3) Set the public facing DNS servers to transfer the zones from your internal DNS server.

    4) Tada.

    Using ISC BIND, I've setup my zones in a similar fashion. I configured the zone update authorization to be key based instead of IP based.

    nsupdate uses no special magic, just RFC based standards to allow zone updates. If nsupdate doesn't fit your bill (and it should, it allows you to batch updates and send them), you can roll your own.

    Keep in mind that 'dynamic update' doesn't mean 'low TTL value.' You can set it to whatever you please, it just means that you can updates records without any special zone magic.

  9. UltraDNS by pixel.jonah · · Score: 2, Informative

    Great infrastructure, robust, API, good people. I've been using them for around nine years now - http://ultradns.com/ - highly recommended.

    1. Re:UltraDNS by MikeFM · · Score: 2, Informative

      I recently switched to UltraDNS for my important domains after a string of problems related to my old providers going down under DDoS attacks. So far it seems good. A little pricey but that doesn't really matter so long as they deliver everything they promise.

      Their support has already proven to be good too - they even answered a question that was more about my registar than DNS serving.

      --
      At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
  10. Re:EasyDNS by seifried · · Score: 2, Informative

    Uhh sed can do that you know. hint: -f

  11. GoDaddy dba WildWest by bobbozzo · · Score: 4, Informative

    GoDaddy dba WildWest has an API, but we seem to have ended up being guinea pigs for it, and it didn't go well. Their documentation had features that didn't exist, promised 24-hour turnaround on support failed, ...
    It's working OK now, but I can't really recommend it.

    --
    Nothing to see here; Move along.
  12. DNS Made Easy by Bud-froggy · · Score: 2, Informative

    I highly recommend DNS made easy: https://www.dnsmadeeasy.com/s0306/res/ddnsc.html I use them with a bunch of serves on EC2 and it works like a charm.

  13. Re:Run a master? by nullchar · · Score: 2, Informative

    What sort of load can the DB backend handle? Does it use caching? There's a DLZ-bind mod out there, but it executes at least one SQL query for every DNS query; which can't handle even moderate load.

  14. Re:Run a master? by Anonymous Coward · · Score: 3, Informative

    "who would you go to for DNS glue records?"

    If really needed, your DNS registrar will do.

    "you need DNS glue from someone above you in order for those DNS servers to be valid."

    No, you don't.

    "Or has stuff changed since I last did this a few years back?"

    No, it hasn't.

    You only need glue records... when you need glue records. For a NS that means only if the name server for a domain happens to be within the same domain (so NS for example.com is for instance ns.example.com). On the typical scenario DNSs will be something like ns1.mycompany.com, ns2.mycompany.com and they will serve i.e. onestate.com, othercompany.com and the like. No glue records involved.

  15. Re:Try GoDaddy by sega01 · · Score: 2, Informative

    Go Daddy will take down your domain if they hear a peep about it, and cause all sorts of trouble. http://nodaddy.com/ I'd just run NSD and serve them from in-house (maybe get an external VPS as a slave).

  16. Uh, just run your own DNS server? by Giant+Electronic+Bra · · Score: 2, Informative

    It isn't all that hard you know...

    And even a pretty busy DNS server doesn't require vast hardware resources. You already obviously have a hosting infrastructure, etc. Bind 9 can serve up a LARGE amount of DNS requests on a couple of fairly low end machines.

    --
    "Malo periculosam, libertatem quam quietam servitutem." -- Jefferson