2

On previous projects I have relied upon the data centre to handle my DNS.

However recently we have been moving more projects to various "cloud" solutions.

  1. Is it a good idea to run a DNS server on a VPS in the cloud?
  2. If so is there any good web-based DNS management software?
  3. What is the minimum spec needed?
Richard Stelling

4 Answers

4

I'd think that using one of the services that specifically does DNS as a service for you would be better than running a DNS server on a VPS. Price, reliability, features, and your time.

If you are going to run your own DNS "in the cloud" on VPS servers, you should make sure you have 2 or 3 DNS servers running on different clouds. That's what's needed to get decent reliability, but that will almost certainly cost more than using a company that sells DNS as a service (and probably still not be as reliable).

freiheit
4

It's not inherently a bad idea.

VPS solutions in my experience are generally a bad idea for anything with high disk activity, if they don't have the right infrastructure. They can be made to work in high disk i/o situations, but mostly that doesn't happen with low-end VPS providers (Linode / Slicehost etc.)

DNS is generally quite a low resource intensive service. It requires nowhere near the same infrastructure to provide the same service as a database server or webserver. So a VPS solution should be fine for a DNS server, providing you're happy with your provider's uptime.

You should be:

  • Running more than one DNS server. Two at least, preferably three for high volume uptime critical hosts.
  • The DNS servers should really be in completely separate locations. Yes, physical locations. If that's not possible, at least physically separate networks.

There are some exceptions to this rule. Targeting DNS servers is a common attack mechanism for criminals (particularly those who try and extort money from sites). If you're hosting high risk websites (high turnover websites like bookmakers would be in this high risk category), my advice would be to outsource your DNS to someone like UltraDNS. This is, of course, providing that your webservers are harder to DDoS than your DNS servers!

So, bottom line, two DNS servers with two separate VPS providers I would approve of for any small to mid range hosts.

Philip Reynolds
  • 1
    UltraDNS I have heard of, are there any other DNS service providers people would recommend? – Richard Stelling Oct 30 '09 at 15:21
  • On the high end of the market, you'd be looking at the likes of Akamai Technologies Inc and Nominum Inc. Amazon use UltraDNS and that's enough of a comfort for me to be honest. – Philip Reynolds Oct 30 '09 at 15:42
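
The answers above recommend at least two DNS servers, on separate networks and ideally with separate VPS providers. The following is an added example, not code from any poster on this page, that audits a nameserver inventory against that advice. The names, addresses and provider labels are constructed sample data, and treating a shared /24 (IPv4) or /48 (IPv6) as "the same network" is an assumption of the example.

```python
import ipaddress
from collections import defaultdict

# Constructed sample inventory: documentation address ranges, made-up names.
# The "provider" label is supplied by the operator, not looked up.
NAMESERVERS = [
    {"name": "ns1.example.com", "ip": "192.0.2.10", "provider": "provider-a"},
    {"name": "ns2.example.com", "ip": "192.0.2.77", "provider": "provider-a"},
    {"name": "ns3.example.com", "ip": "198.51.100.5", "provider": "provider-b"},
]


def covering_prefix(ip):
    """Return the /24 (IPv4) or /48 (IPv6) network containing ip.

    The prefix lengths are this example's assumption for "same network".
    """
    addr = ipaddress.ip_address(ip)
    length = 24 if addr.version == 4 else 48
    return ipaddress.ip_network(f"{addr}/{length}", strict=False)


def audit(nameservers):
    """Return a list of findings; an empty list means the set passes."""
    findings = []
    if len(nameservers) < 2:
        findings.append("fewer than two DNS servers")
    by_prefix, by_provider = defaultdict(list), defaultdict(list)
    for ns in nameservers:
        by_prefix[covering_prefix(ns["ip"])].append(ns["name"])
        by_provider[ns["provider"]].append(ns["name"])
    if len(by_provider) < 2:
        findings.append("all servers are with one provider")
    # Servers behind the same prefix are likely to fail or be flooded together.
    for prefix, names in by_prefix.items():
        if len(names) > 1:
            findings.append(f"{', '.join(names)} share network {prefix}")
    return findings


if __name__ == "__main__":
    for line in audit(NAMESERVERS) or ["ok"]:
        print(line)
```
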
2

You don't need heavy hardware specs to run something like this, and you can use something like cPanel DNS Only, or look into PowerDNS for the software side.

The thing is, you really should have it geographically dispersed, even if it's in the cloud to avoid any problems, not to mention the fact that you will have to maintain each of these servers to make sure they are kept updated and secure.

Using an established service is recommended, as it will be much more redundant and give you less hassle.

gekkz
  • +1 for PowerDNS and multiple cloud providers. There are a lot of good frontends for it (PowerAdmin being the most popular). – François Feugeas Oct 30 '09 at 15:11
  • What do you mean by "geographically dispersed"? More than one server around the world? – Richard Stelling Oct 30 '09 at 15:12
  • 1
    @rjstelling That's precisely what I mean. You would need at least two, and you should have some Denial of Service protection as well. EditDNS.net was brought down by an attack like this, and they are geographically distributed but weren't very well protected. – gekkz Oct 30 '09 at 15:15
  • What's the advantage of having highly spread DNS when your app is located in a single datacenter? – Jim Zajkowski Oct 30 '09 at 15:19
  • @Jim If your DNS servers are down, your app won't be reachable. – gekkz Oct 30 '09 at 15:21
1

As long as the VPS has a static and stable address, running DNS on it should be no problem at all. I run DNS on Slicehost slices and it's perfectly stable and acceptable.

The minimum capability depends on how many unique visitors you get over time, modulo the cache settings. If this is just a DNS server that is authoritative for a website or two, the actual number of lookups you will have to service is nowhere near what you would need for a recursive server. Coupled with high TTLs you can run on very small hardware indeed.

I don't have an answer on web management; I hand-edit djbdns and bind zone files.

If you're not sure what to do, I've had customers use EasyDNS, and I'd recommend them.

Jim Zajkowski