Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Open Source DNS Virtual Appliance

Posted on 2013-12-05
2
Medium Priority
?
4,507 Views
Last Modified: 2013-12-07
We would like to deploy a public facing DNS server in our DMZ.  All of our DMZ servers reside on a VMware 5 host.  I was wondering if there are any open source DNS servers with web interfaces that come pre-assembled on a hardened Linux appliance.  I'm basically looking for an OVF template that I can deploy on our VMware host and then browse to it to configure it.  I don't know enough about Linux to properly deploy a secure DNS server from scratch and I don't really want to pay for Windows Server 2008 R2 licenses just for DNS.
0
Comment
Question by:CIPortAuthority
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 20

Accepted Solution

by:
edster9999 earned 2000 total points
ID: 39699558
Hmmmmm.... tough question -
This is one of those questions where there is no right answer and whatever is said, people will say that is the worst answer.
There is no good or bad Linux distribution - just osme do things better than others.

First of all - there is no distribution that is ready built just as a DNS server.  I guess this job is too small.  Linux does so much - people would be thinking why limit it to do just that.
Almost any distribution will allow you to install a DNS service like BIND  (or will come with it already installed).

There will then be people who shudder at the idea of configuring your server over GUI or web interface when it is in the DMZ.  What if there is a security hole and someone redirects your web services to their server ?
One option here would be to have two servers.  One inside your closed down firewall which you can configure with a web page - and this then feeds out to one outside.
Another idea would be to have the server in a slightly more secure location so it is firewalled off and ONLY the ports needed for DNS would be allowed through - the rest could come from inside your firewall and allow more access to config etc.

Pick a Linux distribution - look for one that has a secure server setup.
When you have that install a GUI config like WEBMIN and then get the ports opened on the firewall to allow it to work.

You should also have a backup DNS out on the internet.  There are free ones or pay ones - depending on what you want / need it to do.

Good luck :)
0
 

Author Closing Comment

by:CIPortAuthority
ID: 39703009
Sorry for taking so long to reply but I was waiting to see if there would be any other comments.

Thanks for the helpful information!
0

Featured Post

Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Teach the user how to use configure the vCenter Server storage filters Open vSphere Web Client:  Navigate to vCenter Server Advanced Settings: Add the four vCenter Server storage filters: Review the advanced settings: Modify the values of the four v…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question