tymonhall
02-22-2001, 08:27 PM
My ISP said that they are going to discontinue DNS services and that I would have to go through them. They said if I was willing to be completely responsible for my DNS I can keep them up and running. My question here is what are some of the pros and cons of running your own DNS? Keep in mind that I will try and keep up with all the latest patches so I hope hacking it won't be much of a problem.
[Edited by tymonhall on 02-22-2001 at 07:32 PM]
allan
02-22-2001, 11:11 PM
Pros:
You control the domains, so you don't have to worry about relying on your ISP for changes, etc. You, as you said, can also make sure you are running the latest version of BIND and can make sure you are running DNS securely.
Cons:
You need a secondary DNS server, preferably on a separate network (i.e., don't Microsoft your DNS), and of course you have to worry about keeping up with all the latest security patches.
X-treme
02-22-2001, 11:19 PM
Running your own DNS you can avoid additional fees that are usually charged for virtual name servers, sub-domains, and domain parking. Of course, as was said above, you have to be on top of security issues.
X-treme
Rehan
02-22-2001, 11:51 PM
Originally posted by uuallan
Cons:
You need a secondary DNS server, preferably on a separate network ...
Is that really a necessity? Suppose you have a dedicated server where you host all your sites and run DNS... If the DNS service is unreachable, it's very likely that your whole server is unreachable. And in that case, it wouldn't matter that you had a secondary DNS because your sites are still unreachable.
In this case, would it still be useful to have a secondary DNS server?
allan
02-23-2001, 12:05 AM
Originally posted by Rehan
Is that really a necessity? Suppose you have a dedicated server where you host all your sites and run DNS
Absolutely it is necessary. I've been doing this a long time, and my experience has been, and continues to be, that people can live without their website, but don't tell them their e-mail is broken :). So, we run secondary DNS for all of our clients on a server located on a completely different network segment. In addition we run a secondary mail server, also on a different network segment. If our primary connection goes down, then mail is still sent to the secondary mail server which tries to deliver mail to the primary server for up to 4 days (fortunately, we have never had to test it for quite that length of time :)). Is it more expensive to do it this way? Yes, but we also don't advertise ourselves as the cheapest host :).
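Added example, not part of the thread: a small Python check for the setup discussed above, flagging a zone whose name servers or mail exchangers have no secondary or all sit in one network. Treating "different network" as "different /24" is an assumption made here, and the zone data, host names and function names are constructed for illustration.

```python
import ipaddress

# Constructed zone data (documentation address ranges), not taken from the thread.
SAMPLE_ZONE = """\
example.com.           IN NS  ns1.example.com.
example.com.           IN NS  ns2.example.com.
example.com.           IN MX  10 mail.example.com.
example.com.           IN MX  20 backup-mx.example.net.
ns1.example.com.       IN A   192.0.2.10
ns2.example.com.       IN A   192.0.2.11   ; same /24 as ns1
mail.example.com.      IN A   192.0.2.10
backup-mx.example.net. IN A   198.51.100.25
"""

def parse_zone(text):
    """Collect NS targets, MX (priority, target) pairs and A records from one-record-per-line zone text."""
    ns, mx, a = [], [], {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments
        # The record type follows the owner name and the optional TTL/class fields.
        idx = next((i for i, f in enumerate(fields) if i > 0 and f.upper() in ("NS", "MX", "A")), None)
        if idx is None or idx + 1 >= len(fields):
            continue
        rtype, rdata = fields[idx].upper(), fields[idx + 1:]
        if rtype == "NS":
            ns.append(rdata[0].lower())
        elif rtype == "MX":
            mx.append((int(rdata[0]), rdata[1].lower()))
        else:
            a.setdefault(fields[0].lower(), []).append(ipaddress.ip_address(rdata[0]))
    return ns, mx, a

def check_role(role, hosts, a, prefix):
    """Return findings for one role (name servers or mail exchangers)."""
    if len(set(hosts)) < 2:
        return [f"{role}: no secondary host"]
    unknown = [h for h in hosts if h not in a]
    if unknown:  # cannot judge placement without an address
        return [f"{role}: no address in zone for {', '.join(unknown)}"]
    nets = {ipaddress.ip_network(f"{ip}/{prefix}", strict=False) for h in hosts for ip in a[h]}
    return [f"{role}: all hosts share one /{prefix} network"] if len(nets) < 2 else []

def audit(text, prefix=24):
    """Flag a missing secondary, or a secondary that sits in the same network as the primary."""
    ns, mx, a = parse_zone(text)
    return check_role("NS", ns, a, prefix) + check_role("MX", [h for _, h in sorted(mx)], a, prefix)
```

Calling `audit(SAMPLE_ZONE)` reports the name servers as sharing one /24 while the backup MX passes; a distinct /24 is only a rough proxy for a separate upstream connection.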
SI-Chris
02-23-2001, 12:18 AM
One advantage of running your own DNS: if you have another dedicated server with a different service provider you can use your DNS server to point domain names to that server. If you're using your service provider's DNS, I highly doubt they'd be happy about you using their DNS servers to point domain names to a competing service. :)
tymonhall
02-23-2001, 12:35 AM
Thanks for all the input. What about security? The only way that I can make sure everything is secure is to keep up with patches and stuff. Are there any other cons about running your own DNS with hackers?
dutchie
02-23-2001, 06:28 AM
As I experienced, keeping up with the patches that Cobalt provides isn't sufficient :(
You have to be able to telnet in to your box and upgrade things like BIND manually.
tymonhall
02-23-2001, 06:31 AM
That's not a problem. By the way, anyone know how to get the latest version of BIND?
allan
02-23-2001, 07:06 AM
http://www.isc.org/products/BIND/
bteeter
02-24-2001, 11:53 AM
http://www.freshmeat.net
Freshmeat is a good spot to look for updates of any kind to pretty much any UNIX software. Just do a search for what you are looking for on their main page.
Brian