Hrm. Need to get a new secondary DNS server... Same question, every few years: Do I continue to run my own DNS for my domains? Or just offload it in some provider that does all the heavy lifting for me?
I mean it's not really an effort (as long as I put off DNSSEC) - all this is rather static infrastructure that doesn't even warrant automation...
Somehow I feel that keeping running small bits of infrastructure myself (DNS, mail, web) is a small proof that it still can be done in today's world.

@galaxis I think Hurricane Electric and Vultr offer free DNS. I don't know if it is primary or secondary.

@mindnmotion Ah, it's not about the money. It's more about managing effort and operational worries. In the end, all the providers where I have domains also include running the DNS service. Ok, I use dynamic DNS updates in some of the zones - that might not work everywhere.

@ScottMortimer I'm currently using bind on OpenBSD and Linux, mostly because that's what I know - so I can do required changes quickly.
For the new secondary I was looking at NSD, just to try something different that doesn't seem to make too much additional work.

@selea @sillystring


running hidden master with 3 public ones here. nictool for management. giving up running dns, mail, web self hosted is the beginning of the end for privacy.


i'm working on one myself. for myself and if good enough to share with others. it's currently down while i inspect some interesting log entries. hoping to do a public go live before the end of the year.

very cool what you are doing @selea !

@selea @galaxis

After a very brief look into my options I began setting up #FreeBSD and #Unbound.

Then one evening for no great reason I switched to #Ubuntu and #BIND.

Most of my important servers for clients run Ubuntu and that's where I'm most comfortable. Since this is merely a side project, well, Ubuntu / BIND it is.

I just started lurking their user email list to try and learn some new tricks.

How about you selea?


Alright! I've have used Bind for many many years, both at work and private. But I decided that I instead would try PowerDNS - it is was basically love at first zone.


@galaxis Even if it's more effort, I'm automating all the stuff now...

@ascherbaum Yeah, I know I'm way behind on the automation front - but by now it's a steep cliff to climb for my personal infrastructure, which still mostly consists of pet systems that are running for a long time.

@galaxis Certainly the same here. But I make an effort to change that for every new system.


If #DNSSEC is burdensome use a third party. Most top level domain name registrars offer this I think.

Sign in to participate in the conversation
INFRa Mastodon

This Mastodon instance is not open for public registration. Site administrator is Alexander Bochmann.

Contact email: