Setting up Linux based DNS server

karthik_selamel
Hi,

 We have DNS running on sparc and solaris.

 Client now wants DNS to be ported to Linux. So I would like to know opinions of System Admins having experience in maintaining DNS on Linux, in terms of performance, reliability, vulnerability etc...

 Honestly I want DNS only on Solaris and sparc as I believe it has proved its merit already and I don't want this experimentation on Linux to hurt things.

Regards,

Karthikeyan
Top Expert 2005
Commented:
Linux can make a very stable and responsive DNS server. Personally I'd use Redhat, say 7.3, but other recent distros should work equally as well.

In the last few years I've converted several networks from Solaris on Sparc DNS servers to RedHat. We did this as a means of controlling costs. Sparc hardware, especially for large DNS installations and/or high hit rates, tends to be on the pricey side. Intel platforms running something like RedHat tend to be on the cheap side.

I've not experienced any problems with these servers, in terms of reliability, response, or maintainability. A plus is that the RedHat boxes tend to come with more up to date versions of BIND than Solaris, although it is easy enough to not use the Solaris BIND (I never do) and build your own.

Pretty much the same sort of rules apply to Solaris and Linux with respect to security (turning off un-needed services, security updates, etc.). However, points in Linux's favor for servers exposed to the Internet are that they come with Tripwire and IPtables. IPtables is especially useful in that you can easily create a host based firewall to limit access.

I agree with jlevie regarding the reliability, response and maintainability, but I would suggest an alternative to the traditional DNS server. The alternative would be djbdns (http://cr.yp.to/djbdns.html).

I consider that this package would make the Linux DNS server even more reliable than the Solaris version. Also, a big advantage is the ease of configuration and maintenance.

Please feel free to ask for more info on this solution (I am using it right now for an ISP and I consider it to be the best).

Best regards,
Razvan

There is a good howto on my LUG's website on how to make a caching DNS server. Here is the URL:

http://www.cllug.org/howto/dns.html

Larry

Author

Commented:
Hi Levi and Razvan,

  Thanks, both of you. Can you please update me more on DNS propagation?

 That is, does DNS propagation happen automatically or is there a way to force propagation (by means of commands) like forcing zone transfers?

Regards,

Karthik
Top Expert 2005

Commented:
An authoritative DNS server will send notifies to each of its secondaries any time that it is started or asked to reload its zone files, unless you specifically prohibit it from doing so. Slave servers, if it's been too long since they've updated their slave zones, will request that the authoritative server provide the SOA record so they can check the serial.

So yes, DNS propagation happens automatically and is a part of BIND regardless of platform.
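
The refresh decision described in the answer above, as an added example (not code from the thread or from BIND): a Python model of how a secondary compares the primary's SOA serial with its own, using RFC 1982 serial arithmetic. The zone data, function names and return strings are constructed for illustration.

```python
# Added example: models a secondary's "should I transfer?" check.
MOD = 1 << 32          # SOA serial is an unsigned 32-bit counter
HALF = 1 << 31

def parse_soa_rdata(rdata):
    """Parse 'mname rname serial refresh retry expire minimum'."""
    fields = rdata.split()
    if len(fields) != 7:
        raise ValueError("expected 7 SOA fields, got %d" % len(fields))
    serial, refresh, retry, expire, minimum = (int(f) for f in fields[2:])
    if not 0 <= serial < MOD:
        raise ValueError("serial out of 32-bit range")
    return {"mname": fields[0], "rname": fields[1], "serial": serial,
            "refresh": refresh, "retry": retry, "expire": expire,
            "minimum": minimum}

def serial_gt(a, b):
    """RFC 1982 comparison: True if serial a is newer than b (wraps at 2**32)."""
    return a != b and ((a - b) % MOD) < HALF

def secondary_action(local_rdata, primary_rdata, seconds_since_refresh,
                     notified=False):
    """Return what the secondary does for one zone.

    'wait'                  refresh timer not due and no NOTIFY received
    'transfer'              primary serial is newer, pull the zone
    'current'               serials match, nothing to do
    'primary-serial-older'  primary serial looks older; secondary keeps its copy
    """
    local = parse_soa_rdata(local_rdata)
    primary = parse_soa_rdata(primary_rdata)
    if not notified and seconds_since_refresh < local["refresh"]:
        return "wait"
    if serial_gt(primary["serial"], local["serial"]):
        return "transfer"
    if primary["serial"] == local["serial"]:
        return "current"
    return "primary-serial-older"

# Constructed sample SOA data for a hypothetical zone example.com
LOCAL = "ns1.example.com. hostmaster.example.com. 2002061501 10800 3600 604800 86400"
NEWER = "ns1.example.com. hostmaster.example.com. 2002061502 10800 3600 604800 86400"
OLDER = "ns1.example.com. hostmaster.example.com. 2002061401 10800 3600 604800 86400"

if __name__ == "__main__":
    print(secondary_action(LOCAL, NEWER, 60, notified=True))
    print(secondary_action(LOCAL, OLDER, 10800))
```

A zone edit saved without raising the serial, or with a lowered serial, lands in the `current` or `primary-serial-older` case, which is why secondaries can keep serving old data even though notifies were sent.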
