[dns-operations] Should medium-sized companies run their own recursive resolver?
simon at darkmere.gen.nz
Tue Oct 15 00:48:49 UTC 2013
On Mon, 14 Oct 2013, Doug Barton wrote:
> We of the DNS literati tend to forget just how difficult this stuff really
> is, and how hard it is for companies to prioritize spending money on things
> that usually "just work."
I'm a little concerned at the answers here. Surely a recursive resolver is
one of the simplest services in the world to configure? You basically
enable it, make sure recursion is on and update DHCP or whatever to use
it. Add another server for luck and put a "Turning this off breaks
Internet" sticker on it if you want it robust.
I'm not entirely sold on using Google DNS or OpenDNS. In my case there
are/were several thousand km and and few counties away so didn't produce
the best performance, they also introduce a dependence on upstream
services several hops away.
 If it is inside the firewall ignore the ACLs, Also ignore the logs
cause nobody will read them anyway. That leaves about a 6 line bind
Simon Lyall | Very Busy | Web: http://www.darkmere.gen.nz/
"To stay awake all night adds a day to your life" - Stilgar | eMT.
More information about the dns-operations