Solved

Open Source DNS Virtual Appliance

Posted on 2013-12-05
2
4,345 Views
Last Modified: 2013-12-07
We would like to deploy a public facing DNS server in our DMZ.  All of our DMZ servers reside on a VMware 5 host.  I was wondering if there are any open source DNS servers with web interfaces that come pre-assembled on a hardened Linux appliance.  I'm basically looking for an OVF template that I can deploy on our VMware host and then browse to it to configure it.  I don't know enough about Linux to properly deploy a secure DNS server from scratch and I don't really want to pay for Windows Server 2008 R2 licenses just for DNS.
0
Comment
Question by:CIPortAuthority
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 39699558
Hmmmmm.... tough question -
This is one of those questions where there is no right answer and whatever is said, people will say that is the worst answer.
There is no good or bad Linux distribution - just osme do things better than others.

First of all - there is no distribution that is ready built just as a DNS server.  I guess this job is too small.  Linux does so much - people would be thinking why limit it to do just that.
Almost any distribution will allow you to install a DNS service like BIND  (or will come with it already installed).

There will then be people who shudder at the idea of configuring your server over GUI or web interface when it is in the DMZ.  What if there is a security hole and someone redirects your web services to their server ?
One option here would be to have two servers.  One inside your closed down firewall which you can configure with a web page - and this then feeds out to one outside.
Another idea would be to have the server in a slightly more secure location so it is firewalled off and ONLY the ports needed for DNS would be allowed through - the rest could come from inside your firewall and allow more access to config etc.

Pick a Linux distribution - look for one that has a secure server setup.
When you have that install a GUI config like WEBMIN and then get the ports opened on the firewall to allow it to work.

You should also have a backup DNS out on the internet.  There are free ones or pay ones - depending on what you want / need it to do.

Good luck :)
0
 

Author Closing Comment

by:CIPortAuthority
ID: 39703009
Sorry for taking so long to reply but I was waiting to see if there would be any other comments.

Thanks for the helpful information!
0

Featured Post

Application Discovery Service in AWS

In the era of the cloud, customers migrating away from their existing on-premise infrastructure. This requires lots of planning, strategies, and effort to identify their existing resources and determine how best to migrate.  Datacenter migrations happen in four phases -

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Will try to explain how to use the VMware feature TAGs in the VMs and create Veeam Backup Jobs using TAGs. Since this article is too long, I will create second article for the Veeam tasks.
Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
Teach the user how to use create log bundles for vCenter Server or ESXi hosts Open vSphere Web Client: Generate vCenter Server and ESXi host log bundle:  Open vCenter Server Appliance Web Management interface and generate log bundle: Open vCenter Se…
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question