LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-15-2007, 08:55 AM   #1
mintojoseph
LQ Newbie
 
Registered: Nov 2006
Location: Kerala
Distribution: Fedora, Debian, RHEL
Posts: 29
Blog Entries: 1

Rep: Reputation: 15
Which DNS server is better?


Hi,

I want to install a new DNS server. I would like to discuss about which is best DNS server. BIND, PowerDNS or any other one?

Considerations are manageability, security and stability.

Please put forward your suggestions and opinions.


With Regards,
Minto Joseph

Last edited by mintojoseph; 03-16-2007 at 06:37 AM.
 
Old 03-16-2007, 10:44 AM   #2
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,830
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
"better" is always subjective.

BIND is the one nearly everyone uses in UNIX/Linux (it comes with most distributions).

I've seen folks mention TinyDNS here which I gather is good for small home networks.

I've never seen mention of PowerDNS before.

The community for BIND is quite large so you're apt to find answers to your questions more easily in Google just because of its prevalence.
 
Old 03-19-2007, 08:34 AM   #3
mintojoseph
LQ Newbie
 
Registered: Nov 2006
Location: Kerala
Distribution: Fedora, Debian, RHEL
Posts: 29

Original Poster
Blog Entries: 1

Rep: Reputation: 15
Smile

Thankyou very much for your opinion
 
Old 03-20-2007, 06:16 PM   #4
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
I'll second BIND being the way to go. It is far and away the best DNS server on the planet.

Manageability is handled with the rndc utility, which allows you to reload specific domains while otherwise leaving the DNS as a whole running. When you have 2000 domains on a server, you don't want to stop and restart all of them because you added a MX record to one of them. The rndc tool allows you to reload just that zone.

Security isn't much of a factor to be honest with you. BIND hasn't had a security flaw in BIND itself in years. There have been issues with openssl, but that is a problem with openssl, not BIND. Those problems have been corrected in any case by the openssl team. To harden the install, some people use a chroot for BIND, which is fine if you want to go that way. A properly configured BIND server has no need for a chroot, but it doesn't hurt anything either.

Stability is a given with BIND. It is a very simple program that has had the best minds in computing working on it for years and years. Nearly any problem you could encounter has already been discussed at length in the newsgroup for BIND, and generally solved. There will also be many discussions on the newsgroup of the DNS "bible", which is absolutely the essential piece of reading for anyone running DNS. Here is a link to the amazon page for it, or you can find it at nearly any bookstore, even the generic mall ones and not the computer store ones, though they may have it as well.

http://www.amazon.com/DNS-BIND-5th-C...4432427&sr=1-2

Peace,
JimBass

Last edited by JimBass; 03-20-2007 at 06:17 PM.
 
Old 03-30-2007, 04:32 PM   #5
jmryan
LQ Newbie
 
Registered: Mar 2007
Posts: 2

Rep: Reputation: 0
DNS Server

While BIND may be the de facto standard it is susceptible to reflected UDP attacks that will overwhelm the server. There are a number of noted attack articles on the web.
 
Old 03-30-2007, 07:01 PM   #6
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,830
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
Meaning that other DNS servers aren't susceptible to attack? Or that BIND can not be hardened? Which version(s) of BIND? How much research have you done on it?

If you're trying to say something else is better then say what it is and why you think it is.
 
Old 04-04-2007, 05:15 PM   #7
jmryan
LQ Newbie
 
Registered: Mar 2007
Posts: 2

Rep: Reputation: 0
DNS Server

www.secure64.com
 
Old 04-04-2007, 06:42 PM   #8
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Yes, only $9,995.

It is an intriguing idea, to have effectively "no" underlying OS that is vulnerable to exploits. Still, I'll take free BIND any day of the week.

Peace,
JimBass
 
Old 04-04-2007, 07:06 PM   #9
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,830
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
Nice. The newbie is just here to shill a product. Apparently he missed that is a Linux (e.g. Open Source Software) site.
 
Old 04-05-2007, 11:02 AM   #10
mintojoseph
LQ Newbie
 
Registered: Nov 2006
Location: Kerala
Distribution: Fedora, Debian, RHEL
Posts: 29

Original Poster
Blog Entries: 1

Rep: Reputation: 15
I have no intention to move on to any commercial software when some beautifully written softwares are available with open source..

I am thinking about bind.. I am planning to write a web based and command based control panel for managing DNS.

I searched for webbased control panels currently available.. But I would like to get expert suggestions of most commonly used ones.. If some good proven ones are available, why bother to write a new one?

Happy Computing
Mintos

Last edited by mintojoseph; 04-05-2007 at 11:03 AM.
 
Old 04-05-2007, 06:44 PM   #11
JJX
Member
 
Registered: Mar 2004
Location: Greece
Distribution: Debian
Posts: 345

Rep: Reputation: 31
webmin is one option
 
Old 04-06-2007, 01:28 AM   #12
nmh+linuxquestions.o
Member
 
Registered: Feb 2007
Posts: 135

Rep: Reputation: 15
djbdns should be mentioned - it is supposed to be good for that security stuff. However, last I checked, it did not do what I needed (ddns), and so I use bind - it works great for me.
 
Old 04-23-2007, 12:28 AM   #13
mintojoseph
LQ Newbie
 
Registered: Nov 2006
Location: Kerala
Distribution: Fedora, Debian, RHEL
Posts: 29

Original Poster
Blog Entries: 1

Rep: Reputation: 15
Hi all,

Thank you for all your inputs.

We have have finished the implementation of DNS.

From the start, I preferred the idea of mysql engine for storing and accessing records. I thought that it will be faster than text based processing. I even checked the options for adding mysql backend to BIND.

PowerDNS (PDNS) supports a default MYSQL backend. So I finalized on that. It also provides a web based front end called Power Admin.

I know that BIND is vastly used and have massive support groups but I was ready to take a risk for a good change.

Seconday DNS server is updated via MYSQL replication.

We used djbdns (dnscache ) as a recurser.

Everything works fine..


Happy Computing.

Minto Joseph
 
Old 04-24-2007, 02:28 AM   #14
trinath_ya
LQ Newbie
 
Registered: Jan 2007
Posts: 2

Rep: Reputation: 0
hi.....

hi....i can suggest you to use BIND.

Quote:
Originally Posted by mintojoseph
Hi,

I want to install a new DNS server. I would like to discuss about which is best DNS server. BIND, PowerDNS or any other one?

Considerations are manageability, security and stability.

Please put forward your suggestions and opinions.


With Regards,
Minto Joseph
 
Old 04-24-2007, 08:28 AM   #15
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,830
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
Apparently you missed the latest post where he said he'd chosen PowerDNS and gave his reasons.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
help needed to setup a DNS server can anyone say how to configure a DNS server subha Linux - Networking 4 04-27-2012 11:50 PM
Run my own backup DNS server, ISP DNS not available chrismcnally Linux - Networking 3 07-30-2006 08:20 AM
Do I leave primary and seconday DNS blank for a DNS Server? imsam Linux - Networking 3 10-25-2004 01:48 PM
need help to set up caching only dns server to with bogus DNS entries ullas Linux - Networking 1 10-28-2003 01:54 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 07:15 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration