"Constantine A. Murenin" <muren...@gmail.com> wrote: > On 24 October 2013 07:35, Predrag Punosevac <punoseva...@gmail.com> wrote: > > Hi Misc, > > > > This is not an OpenBSD specific question but since the list is full of > > security and network professionals I would like to solicit your > > opinion. > > > > Are there any strong opinions on DNS Hosting & Managed DNS providers. We > > are small Lab currently using ZoneEdit. I believe ZoneEdit was chosen > > at the time they were free. We are looking to move to something little > > bit more secure with DNSSEC support out of box. We have one domain name, > > small web server and a mail server. > > Do you run it all out of a single network? > > If so, then running a third-party DNS is not recommended: > http://cr.yp.to/djbdns/third-party.html > That was an interesting reading.
> OTOH, named and nsd in base work great. > I inherited managed DNS setup for our web site and mailing lists as well as full blown BIND for internal network. I am moving internal network to Unbound, trying to get permission to outsource mailing lists to our university host and trying to avoid running NSD just to have our small web site visible by outside world. I appreciate all knowledge shared with me on and off this list. @Nicolai I am with you on DNSSEC. One of the reasons I asked bout managed DNS on this list was a hope to have non BIND recommendations. Most Kind Regard, Predrag > BTW, if you start adding DNS servers in far away places around the > world, and with bad connectivity from your target audience, then the > time it takes to resolve your domain for your target audience will > suffer overall, not improve. > > Yes, these ideas are basically exactly the opposite of what the > marketing would lead you to believe. > > C.
