> Is there a document for dns & bind best practices?
> I googled but found nothing valueable.
I am not aware of one. The various books have some information which could
be called "best practices".
There's some best practices RFCs, like:
Selection and Operation of Secondary DNS Servers
http://www.rfc-editor.org/rfc/rfc2182.txt
Domain Name System (DNS) IANA Considerations
http://www.rfc-editor.org/rfc/rfc5395.txt
(and probably others I've missed)
You didn't mention what you're planning to do with DNS & BIND, so it's a
bit tricky to say whether these apply to you or not. Running a resolving
nameserver is different from running for example a big dynamic DNS
service, etc.
Describe what you're planning to do, and it will be much easier to chip in
with some advice.
The general non-specific advice will probably apply in most/all cases though:
- run a somewhat recent version of BIND
- set up some logging, and watch the logs. Depending on your needs, you
might not (or perhaps you do?) need full query logging etc.
- remember that DNS is using both UDP and TCP port 53, and EDNS0 allows
for bigger UDP packets as well. And don't limit BIND to a specific port
for external (outbound) queries
Regards
Eivind Olsen
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
