  1. #1

    Which is the best DNS Server?

    Hello guys,
    My friend is gonna start a service like afraid.org, and he needs a DNS server which is powerful, lightweight and well featured. He will prolly maintain millions of records, so we need one which can handle that... please help

    thanks and regards

    edit: we are currently considering BIND, MyDNS and PowerDNS; we are not sure which one is the best among these three, though... lol
    Last edited by amjadali; 07-16-2009 at 10:02 AM.

  2. #2
    BIND, I think, is the most used DNS server. Have you tried to compare their features?

  3. #3
    PowerDNS is MySQL based, so it should be easy to do.

  4. #4
    Join Date: Nov 2003 | Location: Lynnwood, WA | Posts: 438
    PowerDNS +1. Seen nothing but good things out of this package.

    BIND is crap. Plain and damn simple. Anyone telling you they run a gigantic installation on BIND, and it's working, is generally one or more of the following:

    * using a forked copy of the code they got or built themselves, and if built themselves generally means they literally have a 1+ staff of C developers just to maintain their BIND fork (hi, Yahoo)
    * has way more staff, way more servers, and way more complexity of infrastructure than would have been necessary with other DNS servers in order to maintain their BIND install
    * constantly having issues, service-impacting or not, because of their use of BIND in a giant environment
    * is just rife with potential security problems, yes, even on BIND9

    BIND is the most used because it IS reasonable for a couple domain names, and is, for some stupid reason, still the default on most Linux distributions and people don't think to change that. NOT because it is the best DNS server. NOT. NOT. NOT NOT NOT NOTNOTNOTNOT.

  5. #5
    I think the BIND DNS Server is used on the vast majority of name serving machines on the Internet.

  6. #6
    Yup, BIND is used in almost 90% worldwide. It's stable and easy to debug.

  7. #7
    Join Date: Apr 2003 | Location: San Jose, CA. | Posts: 1,624
    PowerDNS +1000000

    It's not just "MySQL" based... SQL backends can be anything from MySQL, Postgres, DB2, Oracle, SQLite, etc... You can also serve standard BIND zone files in case you just want to try it out.

    MyDNS is ok, but I can't really think of anything that PowerDNS can't do just as well or better. MyDNS went through a developer change a while back and the dev cycle is still sporadic with the main developer simply having more important day-job things they need to deal with.
    Daved @ Lightwave Networking, LLC.

  8. #8
    Join Date: Nov 2003 | Location: Lynnwood, WA | Posts: 438
    Now you see why I said 'NOT' like a dozen times. Here come all the 'bind's in use everywhere' crowd who have OBVIOUSLY never hosted 100K+ domains off a bind setup. I have. I hated it.

    You know where it's not in use? Big shops (or they meet one/all of my above post's criteria, like Yahoo and their multiple C programmers to maintain their own version of BIND). You know what doesn't use BIND? afraid.org, opendns.org. Etc. Which is what you say you want to build. Why? Because getting bind to pull its weight in those environments is more trouble than it is worth.

  9. #9
    Join Date: Apr 2003 | Location: Earth | Posts: 156

  10. #10
    Join Date: Dec 2006 | Posts: 480
    If it's going to be authoritative only, i.e. it isn't going to need to forward to other DNS servers, I'd suggest NSD (http://www.nlnetlabs.nl/projects/nsd/). It was developed for use as a root/TLD server, so it is happy with heavy load.

  11. #11
    Join Date: Jul 2009 | Posts: 240
    What level of expertise does your group have?

    Since you are offering an authoritative DNS service, you should also look deeply into the security not only of the DNS server but the base system and packages you are deploying with it.

    Look into FreeBSD + TinyDNS/axfrdns (aka djbdns)

    It's lightweight, fast and quite secure

  12. #12
    BIND is my choice. Free, fast, easy to configure and administrate.

  13. #13
    Join Date: Mar 2009 | Location: Chicago, IL | Posts: 219
    Originally posted by Nex7:
    Now you see why I said 'NOT' like a dozen times. Here come all the 'bind's in use everywhere' crowd who have OBVIOUSLY never hosted 100K+ domains off a bind setup. I have. I hated it.

    You know where it's not in use? Big shops (or they meet one/all of my above post's criteria, like Yahoo and their multiple C programmers to maintain their own version of BIND). You know what doesn't use BIND? afraid.org, opendns.org. Etc. Which is what you say you want to build. Why? Because getting bind to pull its weight in those environments is more trouble than it is worth.
    I've personally set up and configured a BIND-based setup with 250k+ domains syncing from about 180-200ish different shared hosting boxes and reloading confs every 20 mins. I think you're 100% wrong in everything you just said. Sorry. Also, Sprint uses BIND, which is something I know for a fact. Consider that every mobile device on their network has a DNS registration and performs lookups off their BIND clusters. I'd call that a pretty big shop, and probably generating more DNS traffic than Yahoo does, although that's hard to quantify.



    Now, to answer the original post,

    There's quite a few different NSs out there that'll do what you want. While BIND is by far and long the most popular NS out there, it is a bit more of a pain to configure properly unless you're using a control panel type solution which should handle it for you. It's by far the most documented DNS server and generally the most supported, as *anyone* who's done admin stuff for a while has had to work on them.

    PowerDNS seems cool, but tbh, MySQL-backed DNS isn't something that everyone needs. I think that if you're using an application to interface with your NSs and update/remove entries from some sort of frontend, then this is where PowerDNS would shine. Otherwise it's taking a simple service and making it complex.

    There's always the DJB alternatives as well, like TinyDNS, but those things can be a bit... interesting to set up. However, they're by long and far one of the most efficient DNS servers I've ever seen. Very fast, very small and very lightweight. However, don't expect them to plug in to anything easily.

  14. #14
    Of the four mentioned above, in terms of source code clarity/cleanliness, I would rank them as follows:

    1. djbdns
    2. nlnetlabs
    3. powerdns
    4. bind

    As it happens, it is also about how I would rank them in stability.

    Bind might have the most features, but that is because isc.org dominates the standards discussions. Things get put in according to the isc.org "vision". The code itself seems to have been written with a good supply of bad drugs at hand.

    We don't use any of them.

  15. #15
    Join Date: Apr 2009 | Location: Nevada | Posts: 662
    Bind9 is multithreaded.
    Originally posted by Nex7:
    * using a forked copy of the code they got or built themselves, and if built themselves generally means they literally have a 1+ staff of C developers just to maintain their BIND fork.
    James B

  16. #16
    Join Date: Jun 2008 | Location: India | Posts: 266
    Go for BIND, easy to manage.
    Ranjith
    Light travels faster than sound. This is why some people look bright until you actually hear them speak

  17. #17
    Easy to configure and maintain, go for BIND.

    Binoy

  18. #18
    Join Date: Mar 2009 | Posts: 39
    For a novice user, BIND. For a bit more advanced of a user, djbdns.

  19. #19
    Originally posted by DJMizt73:
    What level of expertise does your group have?

    Since you are offering an authoritative DNS service, you should also look deeply into the security not only of the DNS server but the base system and packages you are deploying with it.

    Look into FreeBSD + TinyDNS/axfrdns (aka djbdns)

    It's lightweight, fast and quite secure
    +1 djbdns
    It's the most secure out there. Even when the famous DNS security hole was discovered, djbdns was the only server which wasn't affected. Its whole architecture is built around security.

    Do check it out

  20. #20
    Join Date: Nov 2003 | Location: Lynnwood, WA | Posts: 438
    Originally posted by Gary4gar:
    +1 djbdns
    It's the most secure out there. Even when the famous DNS security hole was discovered, djbdns was the only server which wasn't affected. Its whole architecture is built around security.

    Do check it out
    Actually PowerDNS was also unaffected. BIND was vulnerable, of course.

  21. #21
    Join Date: Nov 2003 | Location: Lynnwood, WA | Posts: 438
    Originally posted by SA-ChrisM:
    I've personally set up and configured a BIND-based setup with 250k+ domains syncing from about 180-200ish different shared hosting boxes and reloading confs every 20 mins. I think you're 100% wrong in everything you just said. Sorry. Also, Sprint uses BIND, which is something I know for a fact. Consider that every mobile device on their network has a DNS registration and performs lookups off their BIND clusters. I'd call that a pretty big shop, and probably generating more DNS traffic than Yahoo does, although that's hard to quantify.
    And in all those environments, a number of things are occurring if they have half a brain.

    * Multiple servers that are sharding the DNS entries so that no one server is responsible for ALL of the entries, and no one server is ONLY responsible for an entry.
    * Load balancing to split the requests across all those servers.

    Now neither of those is a BAD idea; the problem is with BIND they're required. How long does it take you to start bind cold with 250,000 domains? I know over here with very reasonable hardware it takes forever.

    While that's not necessarily a game stopper when you've got a farm of DNS servers that can pick up the slack after one crashes, what happens when through some fluke, an invalid entry gets tossed to all the DNS servers at the same time (as I've seen happen), crashing them all simultaneously?

    On PowerDNS, you'll be serving requests again within seconds of a restart.

    On BIND, you'll be serving requests again when it feels like it, and you'll be sitting there watching it load and constantly querying it, praying this time it responds while your boss breathes down your neck asking why the DNS servers still aren't up and customers are still complaining even though you were "on the problem" a half-hour ago.

  22. #22
    I feel BIND would be the best, but it's a bit heavy. Go for some other only if your server resources are limited and if it is going to serve a large number of zones.

  23. #23
    Join Date: Mar 2009 | Location: Austin Tx | Posts: 2,007
    Originally posted by SA-ChrisM:
    I've personally set up and configured a BIND-based setup with 250k+ domains syncing from about 180-200ish different shared hosting boxes and reloading confs every 20 mins. I think you're 100% wrong in everything you just said. Sorry. Also, Sprint uses BIND, which is something I know for a fact. Consider that every mobile device on their network has a DNS registration and performs lookups off their BIND clusters. I'd call that a pretty big shop, and probably generating more DNS traffic than Yahoo does, although that's hard to quantify.



    Now, to answer the original post,

    There's quite a few different NSs out there that'll do what you want. While BIND is by far and long the most popular NS out there, it is a bit more of a pain to configure properly unless you're using a control panel type solution which should handle it for you. It's by far the most documented DNS server and generally the most supported, as *anyone* who's done admin stuff for a while has had to work on them.

    PowerDNS seems cool, but tbh, MySQL-backed DNS isn't something that everyone needs. I think that if you're using an application to interface with your NSs and update/remove entries from some sort of frontend, then this is where PowerDNS would shine. Otherwise it's taking a simple service and making it complex.

    There's always the DJB alternatives as well, like TinyDNS, but those things can be a bit... interesting to set up. However, they're by long and far one of the most efficient DNS servers I've ever seen. Very fast, very small and very lightweight. However, don't expect them to plug in to anything easily.
    I second that.

    I've used bind for the last 15 freekin' years in all kinds of situations, and extremely, extremely heavy loads. I've had little to no problem with it at all. And I've tried just about everything out there over the years, "just in case".

    Some folks just don't like using mainstream anything, and will speak out against such regardless. Mostly teens, early 20s. But, as an expert bind admin, I can tell you it does handle load. If your NS hierarchy is going to be hammered, of course there are steps to optimize, but this would be the same for basically any service.

    If you are loading 100K+ zones, you MAY want to spread it a bit... would you put 1000+ web sites, even on the world's best serving software, on one instance? No. You would load balance it in some way. Just like any service.
    If it didn't handle it, would you trash it to no end? If my employees were 1/2 as reliable as bind, I'd have it made.

    MSDNS, now THERE's a server that can't handle much....
    This is the best signature in the world....Tribute!
    (It is not the best signature in the world, no. This is just a tribute)

  24. #24
    Join Date: Jun 2006 | Location: NYC / Memphis, TN | Posts: 1,454
    Originally posted by BarackObama:
    Bind9 is multithreaded.
    lol Actually the guy you were responding to had said it was forked. Which means they created a branched development off of the existing product. (Heavily modified BIND)

    I also agree with many of the folks above. BIND is crap for more than 10,000+ records. NEVER EVER use BIND for such a configuration.

    If it didn't handle it, would you trash it to no end? If my employees were 1/2 as reliable as bind, I'd have it made.
    That's not saying much either. BIND is slow and prone to corruption issues. Not to mention the ease of management...Just isn't there when you start talking that many records.

    PowerDNS or djbdns all the way.

  25. #25
    Thanks guys, this seems to help me a lot. I am pondering over asking him to go with djbdns.
    Which one does afraid.org use btw??
