| 1 |
Am 18.08.2011 03:35, schrieb Michael Mol: |
| 2 |
> On Wed, Aug 17, 2011 at 5:53 PM, Alan McKinnon <alan.mckinnon@×××××.com> wrote: |
| 3 |
>> On Wed 17 August 2011 17:23:41 Michael Mol did opine thusly: |
| 4 |
>>> On Wed, Aug 17, 2011 at 4:56 PM, Grant <emailgrant@×××××.com> wrote: |
| 5 |
>>>> I currently use a free service to host the DNS records for my |
| 6 |
>>>> website, but I'm thinking of running a DNS server on the same |
| 7 |
>>>> machine that runs my website instead. Would that be fairly |
| 8 |
>>>> trivial to set up and maintain? If so, which package should I |
| 9 |
>>>> use? |
| 10 |
>>> |
| 11 |
>>> ISC bind is the de facto standard for DNS servers. I haven't |
| 12 |
>>> administered bind on Gentoo, but on Debian, most of the problems I |
| 13 |
>>> run into come from how Debian packages and updates configuration |
| 14 |
>>> files. |
| 15 |
>>> |
| 16 |
>>> I'm not running DNS servers in any major production capacity; I've |
| 17 |
>>> got a bind server at home linking my home domain and my employer's |
| 18 |
>>> work domain across a VPN, and updated dynamically via a dhcpd on |
| 19 |
>>> the same server. It's also serving as a caching recursive resolver |
| 20 |
>>> for my home network, which was *really* necessary when I was still |
| 21 |
>>> on AT&T. (The DSL link was dropping packets every now and again, |
| 22 |
>>> and it's a PITA when that happens to DNS queries) |
| 23 |
>> |
| 24 |
>> You're running an auth server and a cache on the same machine? |
| 25 |
> |
| 26 |
> Split across a couple views, but yeah. And no recursion allowed on the wan side. |
| 27 |
> |
| 28 |
>> |
| 29 |
>> At a minimum they should be on different interfaces and preferably in |
| 30 |
>> chroots. Otherwise all manner of $BAD_STUFF happens. |
| 31 |
> |
| 32 |
> Hm. Interested. |
| 33 |
> |
| 34 |
> echo $BAD_STUFF |
| 35 |
> |
| 36 |
> (or URI) |
| 37 |
> |
| 38 |
|
| 39 |
URI: http://cr.yp.to/djbdns/separation.html |
| 40 |
|
| 41 |
Regards, |
| 42 |
Florian Philipp |
Archives