Solved

Open Source DNS Virtual Appliance

Posted on 2013-12-05
2
4,263 Views
Last Modified: 2013-12-07
We would like to deploy a public facing DNS server in our DMZ.  All of our DMZ servers reside on a VMware 5 host.  I was wondering if there are any open source DNS servers with web interfaces that come pre-assembled on a hardened Linux appliance.  I'm basically looking for an OVF template that I can deploy on our VMware host and then browse to it to configure it.  I don't know enough about Linux to properly deploy a secure DNS server from scratch and I don't really want to pay for Windows Server 2008 R2 licenses just for DNS.
0
Comment
Question by:CIPortAuthority
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 39699558
Hmmmmm.... tough question -
This is one of those questions where there is no right answer and whatever is said, people will say that is the worst answer.
There is no good or bad Linux distribution - just osme do things better than others.

First of all - there is no distribution that is ready built just as a DNS server.  I guess this job is too small.  Linux does so much - people would be thinking why limit it to do just that.
Almost any distribution will allow you to install a DNS service like BIND  (or will come with it already installed).

There will then be people who shudder at the idea of configuring your server over GUI or web interface when it is in the DMZ.  What if there is a security hole and someone redirects your web services to their server ?
One option here would be to have two servers.  One inside your closed down firewall which you can configure with a web page - and this then feeds out to one outside.
Another idea would be to have the server in a slightly more secure location so it is firewalled off and ONLY the ports needed for DNS would be allowed through - the rest could come from inside your firewall and allow more access to config etc.

Pick a Linux distribution - look for one that has a secure server setup.
When you have that install a GUI config like WEBMIN and then get the ports opened on the firewall to allow it to work.

You should also have a backup DNS out on the internet.  There are free ones or pay ones - depending on what you want / need it to do.

Good luck :)
0
 

Author Closing Comment

by:CIPortAuthority
ID: 39703009
Sorry for taking so long to reply but I was waiting to see if there would be any other comments.

Thanks for the helpful information!
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Will try to explain how to use the VMware feature TAGs in the VMs and create Veeam Backup Jobs using TAGs. Since this article is too long, I will create second article for the Veeam tasks.
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
Teach the user how to install and configure the vCenter Orchestrator virtual appliance Open vSphere Web Client: Deploy vCenter Orchestrator virtual appliance OVA file: Verify vCenter Orchestrator virtual appliance boots successfully: Connect to the …
Advanced tutorial on how to run the esxtop command to capture a batch file in csv format in order to export the file and use it for performance analysis. He demonstrates how to download the file using a vSphere web client (or vSphere client) and exp…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question