[Discuss] DNS providers

[jay at lentecs.com (Jason Normand)]

We are really looking to eliminate our hardware overhead.  We could run a
bind box in EC2 but thats likely excessive and just a small step removed
from the hardware overhead.  We really want a fully hosted solution, that
we do not have to worry about.  Our DNS is fairly static, most changes are
for development and office use rather than production.  Route53 is
tempting, though we would like to consider other options as well.


On Fri, Sep 5, 2014 at 6:32 AM, Dan Ritter <dsr at randomstring.org> wrote:

> On Thu, Sep 04, 2014 at 01:34:05PM -0400, Jason Normand wrote:
> > we are looking to move our DNS out of house and are looking for
> > recommendations.  currently we are managing multiple bind servers
> > ourselves.  but most of our systems are now running in AWS, and the few
> > left in the colo are being dropped within the year.  our needs are not
> > really that intensive or complex, but we would like a robust system and a
> > strong SLA is a requirement.
>
> What is your actual goal? One way or another, you are in charge
> of your own information; what responsibilities do you want to
> pay someone else to handle?
>
> You might consider, for example, running a single master DNS
> server that you don't list as authoritative for public
> consumption, but has slaves at several external providers which
> are so listed. Your master can lost contact for periods of time
> while the slaves continue to work. Distribute them over three or
> four providers and it will be quite bullet-resistant.
>
> If all your systems are in AWS, it might make sense to use
> Amazon's Route53 system. It's unlikely to be much different in
> terms of availability from AWS.
>
> You also haven't mentioned whether you have split DNS, where
> machines inside your security boundary can see a different view
> than the public. That will change everything.
>
> -dsr-
>