[sf-lug] looking for a domain name service provider
rick at linuxmafia.com
Thu Aug 21 12:03:10 PDT 2008
Quoting vincent polite (vpolitewebsiteguy at yahoo.com):
> Well, I can't claim to be an authority. But since DNS is basically a
> database relating the domain name to the IP address, it doesn't
> seem like it would be too hard to do. I'm not sure how it spreads
> across the net.
To further clarify, server-end DNS is of two types: Either your server
is publishing DNS data, or it's not (and is merely fetching, providing,
and caching as necessary DNS data published elsewhere).
o Publishing DNS data is called running an "authoritative nameserver".
o Handing other folks' DNS data is called running a "recursive nameserver".
If you own a domain, you'll want to have it be served up by minimum two
authoritative nameservers operating on fixed IP addresses somewhere in
the world. (The RFC-recommended numbers are minimum three, maximum
So, folks generally don't need to even consider operating authoritative
nameservice: Only domain owners do.
On the other hand, _everyone_ has reason to run a recursive (aka
"recursive-resolver") nameserver on the local LAN or local machine.
One reason: Not doing so throws away significant bandwidth and
performance on the traffic overhead and delays resulting from
unnecessary DNS-query transactions across your upstream link.
Another reason: Security. ISP nameservers tend to have extremely bad
security (and reliability, and performance).
The smaller your network operation, and the less bandwidth you have to
waste, the greater your advantage from a local recursive nameserver.
Yet, these are the exact people whose reaction to my suggestion is
inevitably "Oh, my computing's too small, simple, and slow to need a
nameserver. Besides, it's too difficult to do."
Here's how you turn on PowerDNS Recursor on Ubuntu:
$ sudo apt-get install pdns-recursor
That's it. PowerDNS Recursor is now running and will handle recursive
queries posed to it, and will cache that data, saving bandwidth on
repeat queries (which happen a great deal).
You _do_ need to set the local machine to send its queries there.
A *ix machine's DNS client library is configured via /etc/resolv.conf .
Edit that file to have this one "nameserver" line and no other
You also need to make sure your DHCP client software (if any) doesn't
overwrite that nameserver line. There are many ways to do this; the
least complex is to install the "resolvconf" package. (Just install it;
the DHCP client should then do The Right Thing.)
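
Added example, not part of the original post: a shell check for the /etc/resolv.conf state described above, reporting when a DHCP client or other tool has left resolvers besides the local one. The function name audit_resolv, the address 127.0.0.1 for a recursor on the local machine, and the sample file contents are assumptions made for this example.

```sh
#!/bin/sh
# audit_resolv FILE EXPECTED_ADDR  (hypothetical helper) returns:
#   0  every active nameserver line is EXPECTED_ADDR
#   1  no active nameserver line at all
#   2  EXPECTED_ADDR is listed, but so are other nameservers
#   3  EXPECTED_ADDR is not listed (e.g. a DHCP client rewrote the file)
audit_resolv() {
    file=$1
    expected=$2
    total=0
    match=0
    # Lines starting with '#' or ';' are comments, so their first field is
    # never the bare keyword "nameserver" and awk skips them.
    for s in $(awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$file"); do
        total=$((total + 1))
        if [ "$s" = "$expected" ]; then
            match=$((match + 1))
        else
            echo "unexpected resolver: $s"
        fi
    done
    if [ "$total" -eq 0 ]; then
        echo "no nameserver line found"; return 1
    elif [ "$match" -eq 0 ]; then
        echo "expected resolver $expected is missing"; return 3
    elif [ "$total" -gt "$match" ]; then
        echo "other resolvers are listed besides $expected"; return 2
    fi
    echo "ok: only $expected is configured"
    return 0
}

# Constructed sample: a file as a DHCP client might leave it, with an
# upstream resolver (documentation address 192.0.2.53) added after the
# local one. 127.0.0.1 is an assumed address for a recursor on this host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real configuration
; nameserver 198.51.100.7
search example.org
nameserver 127.0.0.1
nameserver 192.0.2.53
EOF
audit_resolv "$sample" 127.0.0.1 || echo "audit returned $?"
rm -f "$sample"
```

Run it against the real file with `audit_resolv /etc/resolv.conf ADDRESS` after each DHCP lease renewal to confirm the line has not been overwritten.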