Wolfgang_D
asked on
Is it unwise to run DNS on your web server?
Is it unwise to run DNS on your web server?
My personal opinion is that you need to take into account a few factors.
What is the "size" of the computer you plan to deploy the website(s) on?
What is th expected traffic (hits as well as volume of data transfered) on the web site?
Is the web site serving up static pages, or dynamic pages?
Is the web site pulling data from a database? Is the database on the same computer as the web server?
Some people say that you should not mix server functions on the same computer, but that results in a LOT of very UNDERUTILIZED computers taking up space, using power, and generating heat. One computer running at 20-25% busy uses less environmental resource than 4-5 computers running at 5% busy each.
Also, you may not want to have one DNS server, or even one web server. Depends on the availability requirements for the site.
If you don't want to run DNS and Web in the same OS image, you may want to look at getting two physical computer, and running virtual machines on them. One on each for web server functions and one for each for DNS functions.
But again it depends on the load you will have with the web server. Typically DNS servers do not use that much computing resources.
What is the "size" of the computer you plan to deploy the website(s) on?
What is th expected traffic (hits as well as volume of data transfered) on the web site?
Is the web site serving up static pages, or dynamic pages?
Is the web site pulling data from a database? Is the database on the same computer as the web server?
Some people say that you should not mix server functions on the same computer, but that results in a LOT of very UNDERUTILIZED computers taking up space, using power, and generating heat. One computer running at 20-25% busy uses less environmental resource than 4-5 computers running at 5% busy each.
Also, you may not want to have one DNS server, or even one web server. Depends on the availability requirements for the site.
If you don't want to run DNS and Web in the same OS image, you may want to look at getting two physical computer, and running virtual machines on them. One on each for web server functions and one for each for DNS functions.
But again it depends on the load you will have with the web server. Typically DNS servers do not use that much computing resources.
ASKER
Here is some more exact info about our server and websites.
Our server runs CentOS Linux; has two Intel(R) Xeon(R) CPU E5310 @ 1.60GHz; 2 GB of memory; and a 160 GB hard drive.
Our web server serves up 55 websites and they use approximately 180-220 Gig of bandwidth per month. Not sure on the total number of hits but one of our more popular sites got 2841341 hits last month from 72015 unique visitors.
All of our sites serve up dynamic, database driven, content.
The proposal was to run the primary and secondary dns off the same server ... which happens to be our web server as well.
I didn't like the idea that the backup was on the same server as the primary. That didn't seem logical. Also I'm not sure if it would slow the server down or expose it to attacks directed at name servers.
Let me know your thoughts. :-)
Our server runs CentOS Linux; has two Intel(R) Xeon(R) CPU E5310 @ 1.60GHz; 2 GB of memory; and a 160 GB hard drive.
Our web server serves up 55 websites and they use approximately 180-220 Gig of bandwidth per month. Not sure on the total number of hits but one of our more popular sites got 2841341 hits last month from 72015 unique visitors.
All of our sites serve up dynamic, database driven, content.
The proposal was to run the primary and secondary dns off the same server ... which happens to be our web server as well.
I didn't like the idea that the backup was on the same server as the primary. That didn't seem logical. Also I'm not sure if it would slow the server down or expose it to attacks directed at name servers.
Let me know your thoughts. :-)
ASKER
This is not an internal domain controller.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
hi sorry for late reply but giltjr explained in a nice way.
there is not much to say...
if you maintain your dns server then you just have to make sure that the zone is not nontransferable other wise it would create a security problem..other then that you should be fine.
by the way, currently who is responsible for your dns server ??
there is not much to say...
if you maintain your dns server then you just have to make sure that the zone is not nontransferable other wise it would create a security problem..other then that you should be fine.
by the way, currently who is responsible for your dns server ??
ASKER
Thanks for all the replies; our DNS server is up and running; doesn't seem to be taxing things any more than usual and DNS management is easier now. :-)
I'll keep an eye out for all the things you mentioned.
I'll keep an eye out for all the things you mentioned.
but if your web server and dns server works as domain controller for your network then its not wise
you should always put public web server in DMZ and internal domain controller inside a firewall.