[dns-operations] Should medium-sized companies run their own recursive resolver?
gwiley at verisign.com
Mon Oct 14 18:09:16 UTC 2013
While the concern about the link to the outside world is an issue, the
same concern holds for whatever provides your connectivity. As a matter
of practice, when designing for availability you want to focus on the
least reliable layers in a stack before focusing on other layers,
otherwise your availability improvements are potentially nil.
If you can run a more reliable recursive server than your provider (or
google or whoever) then by all means, however there are probably more
meaningful places to spend your resources if you have a small company.
On the other hand, if there is a functional reason for running your own
recursive server that is entirely different, for example filtering via
DNS, split view zones etc.
The Hive, Verisign, Inc.
On 10/14/13 1:48 PM, "Carlos M. Martinez" <carlosm3011 at gmail.com> wrote:
>The problem that i see is that if you don't run your local DNS, then if
>your link with the outside world goes down, you're essentially toasted
>even for your own, locally hosted, services.
>This may not be a concern if you live in the more developed parts of the
>world, but down south here, trust me, it is.
>Granted, you can teach your users to access your printers and local file
>servers by IP, but that hardly seems a sane approach in the long run.
>Here in the true 'deep south', people run 30-40 people SOHOs behind
>dynamic-IP ADSL lines, which change addresses every 12 hours. Some of
>them even do clever tricks to load-balance cheap DSL lines.
>So, yes, I think running your own DNS is something important to do, not
>only for recursion but for resolving local resources as well.
>On 10/14/13 3:41 PM, Richard Lamb wrote:
>> If google concerns are irrelevant I'd say just use 188.8.131.52 (like many
>>corps already do). Safety in numbers, deep pockets and lawyers ;-)
>> Sent from my iPhone
>> On Oct 14, 2013, at 9:09, "Paul Hoffman" <paul.hoffman at vpnc.org> wrote:
>>> A fictitious 100-person company has an IT staff of 2 who have average
>>>IT talents. They run some local servers, and they have adequate
>>>connectivity for the company's offices through an average large ISP.
>>> Should that company run its own recursive resolver for its employees,
>>>or should it continue to rely on its ISP?
>>> --Paul Hoffman
>>> dns-operations mailing list
>>> dns-operations at lists.dns-oarc.net
>>> dns-jobs mailing list
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> dns-jobs mailing list
>dns-operations mailing list
>dns-operations at lists.dns-oarc.net
>dns-jobs mailing list
More information about the dns-operations