[dns-operations] Should medium-sized companies run their own recursive resolver?

Fred Morris m3047 at m3047.net
Thu Oct 17 17:59:21 UTC 2013

On Thu, 17 Oct 2013, Jared Mauch wrote:
> Most of these "advanced" DNS things like RRL, RPZ and others aren't for
> the faint of heart.  Most people don't watch/monitor logs like those here.


I assumed in my "it depends" answer that whatever DNS service the
company was presently using might have such advanced services /which they
were happy with/. Some people say ISPs are "lying" with rewriting and so
forth but let's assume, since it wasn't stated otherwise, that the company
in question is happy with the service they receive. There are many reasons
for this. They might even be using a third-party (off-prem) DNS/firewall
solution. I don't like the implicit notion that "well they're not big
enough to need/deserve advanced features/toys like we get to have".

To summarize my previous answer: I would expect the 2 IT bods would
continue to argue for outsourcing; however there might be others within
the organization with other concerns or objectives arguing otherwise.

Let me add that rationally speaking IT is not likely to be a core
competency in an organization where the IT resourcing is at a 1:50 ratio:
this is not a software or internet services shop.


Fred Morris

More information about the dns-operations mailing list