[dns-operations] Should medium-sized companies run their own recursive resolver?
Carlos M. Martinez
carlosm3011 at gmail.com
Thu Oct 17 13:11:05 UTC 2013
On 10/17/13 8:03 AM, Jared Mauch wrote:
> On Oct 17, 2013, at 4:09 AM, Daniel Kalchev <daniel at digsys.bg> wrote:
>> On 17.10.13 00:12, Jared Mauch wrote:
>>> Even small networks (I have a friend with a ~100 user wisp) shouldn't run their own caches. The economics of it don't support this.
>> Care to elaborate on this economic problem?
>> Just a reference point:
>> Most of today's smartphones already have more resources than the DNS resolvers many small ISPs already use and those ISPs don't suffer from any kind of trouble because of that.
>> And, these smartphones are considered disposable tech.
> He's power/space constrained in some locations. It's also not cheap to get equipment that will run in a shed at the base of a tower that's not climate controlled. There is some hardware that could be used for this, but the cost of pointing at his upstream or someone else is much lower and reduces any possible OPEX on his side for it.
You should plan a holiday down here and come visit us. As I commented in
an earlier email, I've seen cheap Chinese clones with 400-day-plus
uptimes installed in, by any other standards, appalling conditions.
I'm talking about $300 towers with no monitor and no optical drive,
providing email, internet gateway, fax-email gateway, and yes, recursive
DNS, for 50-90 seat offices. One was a printers' shop, the others were
an industrial hardware provider and a sort of local Home Depot in a very
small city in the countryside here in Uruguay.
I have pictures of those servers somewhere, I'd try to fish them up.
So, I'm really not sold on the economics argument.
> There's also the need for monitoring, care and feeding, etc. 100 subscribers and not a lot of profit means lack of capital to invest. Easier to just "outsource" to upstream/3rd party.
Outsourcing maintenance and monitoring while keeping your gateway, file
server and recursive DNS local is a perfectly good alternative. In fact,
I got to know these setups I describe by providing support remotely to
them, in some cases by using dialup modems attached to the gateways in
case the DSL links failed.
Most of these setups would also throw a second $300 tower for their
security cameras time-lapse video recording. Then it became easy to run
cross-server backups using rsync.
> Also, customer CPE equipment is poor and doesn't scale well for the current rate of DNS queries needed to load a webpage and the volume of devices now in the home. Many pages will require 100+ elements or DNS queries to transact the basics. This means tech support calls for "network is down or intermittent" that require hard-coding to work around the busted CPE gear. (e.g.: use these resolvers instead of those I just got from DHCP). He's small so ends up making house calls to fix things for those that are unable to do it themselves.
Agreed. CPEs cannot be trusted.
> - Jared