[sf-lug] looking for a domain name service provider

Rick Moen rick at linuxmafia.com
Thu Aug 21 10:21:38 PDT 2008


Quoting toya (toya at linefeed.org):

> For DNS I use everydns.net.

Some quick comments:

1.  As you mention, it's from the OpenDNS outfit (David Ulevich's),
which is a pretty benign and competent set of folks.  It's a
free-of-charge service, which is nice.[1]

2.  They use the authoritative-DNS portion of djbdns ("tinydns"), which 
has some merits but is very peculiar, and is notorious for deliberately
not implementing parts of the real-world DNS protocols that its author,
Daniel J. Bernstein, for whatever reason dislikes.  I see that EveryDNS
doesn't support "NTFY" (Notify), for example.  Thus, if you update the
contents of your DNS on your authoritative server, EveryDNS's secondary
service will ignore the Notify advisory that your primary nameserver
sends out.  Instead, they brute-force their software to automatically
re-contact the primary nameservers every hour on the hour, and override
the "expire", "retry", and "refresh" specs you put in the zone header.
This is squirrely: When you update your DNS, there's no excuse for
secondaries refusing to take notice.  You should not have to put up with
that.

Ulevich is well aware of that problem.  It speaks well for him that he's
up-front about that.  Quoting the FAQ:  "EveryDNS violates rfc1034 by
ignoring your SOA parameters. We unconditionally poll every hour on the
hour, no matter what refresh and retry parameters you list. This might
possibly be interpreted as a Bad Thing."

It's not his fault.  It's because he's using Dan Bernstein's software.

Other demented peculiarities of djbdns/tinydns/etc. are noted in the
djbdns entry within "DNS Servers" on
http://linuxmafia.com/kb/Network_Other/

[1] Supporting the service through donations is tactfully but pointedly
suggested.
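
Added example, not part of the original post: one way to check whether a secondary has picked up a zone update, by comparing the SOA lines that `dig +short SOA <zone> @<server>` prints for the primary and the secondary, and to see how long a change can go unnoticed when Notify is ignored. The example.org zone, the serials and timers, and all function names are constructed for illustration.

```python
# Added example. Input lines use the `dig +short SOA` layout:
#   mname rname serial refresh retry expire minimum
from typing import NamedTuple, Optional

class SOA(NamedTuple):
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def parse_soa(line: str) -> SOA:
    """Parse one SOA line; reject anything that is not seven fields."""
    parts = line.split()
    if len(parts) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(parts)}")
    nums = [int(p) for p in parts[2:]]
    if any(not 0 <= n < 2**32 for n in nums):
        raise ValueError("SOA numeric field outside 32-bit range")
    return SOA(parts[0], parts[1], *nums)

def serial_newer(a: int, b: int) -> bool:
    """RFC 1982 serial arithmetic: True if a is newer than b, wraparound included."""
    return a != b and ((a - b) % 2**32) < 2**31

def secondary_state(primary: SOA, secondary: SOA) -> str:
    """Classify the secondary's copy of the zone against the primary's."""
    if primary.serial == secondary.serial:
        return "in-sync"
    # "ahead" usually means a serial was rolled back on the primary.
    return "stale" if serial_newer(primary.serial, secondary.serial) else "ahead"

def worst_case_lag(soa: SOA, fixed_poll: Optional[int] = None) -> int:
    """Seconds a change can go unnoticed when Notify is ignored:
    the zone's own refresh, or a fixed poll interval that overrides it."""
    return fixed_poll if fixed_poll is not None else soa.refresh

# Constructed sample data: primary already at serial ...02, secondary still at ...01.
PRIMARY = "ns1.example.org. hostmaster.example.org. 2008082102 300 60 1209600 3600"
SECONDARY = "ns1.example.org. hostmaster.example.org. 2008082101 300 60 1209600 3600"

if __name__ == "__main__":
    p, s = parse_soa(PRIMARY), parse_soa(SECONDARY)
    print(secondary_state(p, s), worst_case_lag(p), worst_case_lag(p, 3600))
```

With the zone's own refresh of 300 seconds a stale copy would last at most five minutes; a fixed hourly poll stretches that to as much as 3600 seconds regardless of what the zone header says.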





