Follow

Hrm. Need to get a new secondary DNS server... Same question, every few years: Do I continue to run my own DNS for my domains? Or just offload it in some provider that does all the heavy lifting for me?
I mean it's not really an effort (as long as I put off DNSSEC) - all this is rather static infrastructure that doesn't even warrant automation...
Somehow I feel that keeping running small bits of infrastructure myself (DNS, mail, web) is a small proof that it still can be done in today's world.

@ScottMortimer I'm currently using bind on OpenBSD and Linux, mostly because that's what I know - so I can do required changes quickly.
For the new secondary I was looking at NSD, just to try something different that doesn't seem to make too much additional work.

@selea @sillystring

@galaxis

running hidden master with 3 public ones here. nictool for management. giving up running dns, mail, web self hosted is the beginning of the end for privacy.

@galaxis

i'm working on one myself. for myself and if good enough to share with others. it's currently down while i inspect some interesting log entries. hoping to do a public go live before the end of the year.

very cool what you are doing @selea !

@selea @galaxis

After a very brief look into my options I began setting up #FreeBSD and #Unbound.

Then one evening for no great reason I switched to #Ubuntu and #BIND.

Most of my important servers for clients run Ubuntu and that's where I'm most comfortable. Since this is merely a side project, well, Ubuntu / BIND it is.

I just started lurking their user email list to try and learn some new tricks.

How about you selea?

@sillystring

Alright! I've have used Bind for many many years, both at work and private. But I decided that I instead would try PowerDNS - it is was basically love at first zone.

@galaxis

@galaxis Even if it's more effort, I'm automating all the stuff now...

@ascherbaum Yeah, I know I'm way behind on the automation front - but by now it's a steep cliff to climb for my personal infrastructure, which still mostly consists of pet systems that are running for a long time.

@galaxis Certainly the same here. But I make an effort to change that for every new system.

@galaxis

If #DNSSEC is burdensome use a third party. Most top level domain name registrars offer this I think.

Sign in to participate in the conversation
INFRa Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!