1 |
Am 18.08.2011 03:35, schrieb Michael Mol: |
2 |
> On Wed, Aug 17, 2011 at 5:53 PM, Alan McKinnon <alan.mckinnon@×××××.com> wrote: |
3 |
>> On Wed 17 August 2011 17:23:41 Michael Mol did opine thusly: |
4 |
>>> On Wed, Aug 17, 2011 at 4:56 PM, Grant <emailgrant@×××××.com> wrote: |
5 |
>>>> I currently use a free service to host the DNS records for my |
6 |
>>>> website, but I'm thinking of running a DNS server on the same |
7 |
>>>> machine that runs my website instead. Would that be fairly |
8 |
>>>> trivial to set up and maintain? If so, which package should I |
9 |
>>>> use? |
10 |
>>> |
11 |
>>> ISC bind is the de facto standard for DNS servers. I haven't |
12 |
>>> administered bind on Gentoo, but on Debian, most of the problems I |
13 |
>>> run into come from how Debian packages and updates configuration |
14 |
>>> files. |
15 |
>>> |
16 |
>>> I'm not running DNS servers in any major production capacity; I've |
17 |
>>> got a bind server at home linking my home domain and my employer's |
18 |
>>> work domain across a VPN, and updated dynamically via a dhcpd on |
19 |
>>> the same server. It's also serving as a caching recursive resolver |
20 |
>>> for my home network, which was *really* necessary when I was still |
21 |
>>> on AT&T. (The DSL link was dropping packets every now and again, |
22 |
>>> and it's a PITA when that happens to DNS queries) |
23 |
>> |
24 |
>> You're running an auth server and a cache on the same machine? |
25 |
> |
26 |
> Split across a couple views, but yeah. And no recursion allowed on the wan side. |
27 |
> |
28 |
>> |
29 |
>> At a minimum they should be on different interfaces and preferably in |
30 |
>> chroots. Otherwise all manner of $BAD_STUFF happens. |
31 |
> |
32 |
> Hm. Interested. |
33 |
> |
34 |
> echo $BAD_STUFF |
35 |
> |
36 |
> (or URI) |
37 |
> |
38 |
|
39 |
URI: http://cr.yp.to/djbdns/separation.html |
40 |
|
41 |
Regards, |
42 |
Florian Philipp |