Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : DNS setup

[TMM]

Hi,

I'd like to ask you guys for some qualified DNS advice..

We are currently setting up a VPS server, which will be used for a specific client portfolio that we are aquiring from another company. This is a Linux based server with WHM/Cpanel.

However, we wish to set up DNS in the best possible way, since we need to host DNS for some vital ISP services also. I gather this probably means using a combination of DNS on the VPS server itself, as well as one or more other DNS servers in other physical locations. The VPS server itself is located in Amsterdam, while most clients are here in Norway - thus ensuring reliability for local clients is the most important consideration.


Now some key questions:
- How important is the physical location of the DNS servers, and where should these ideally be located?
- Is a cluster solution the way to go - and is this supported by WHM/Cpanel?
- We have Linux and Windows based servers on our local network; could these be used for DNS also? If so, tips on software needed?


Your general advice and recommendations would be much appreciated...

Thanks,

TMM

[brianoz]

I'd use an independent highly-reliable DNS provider such as UltraDNS - they provide multiple servers around the globe and the servers are all highly-available. You'd only use them for your key domains, probably not for your standard customer hosting packages.

[TMM]

Thanks, I have browsed through their services and sent an e-mail asking for more info.

Any idea of whether their DNS can be added to Cpanel/WHM and managed from there (or vice versa)?

[brianoz]

Not sure what you mean by asking whether their DNS can be added to cpanel, the words in the question don't make sense! DNS is the internet-wide domain name system. If you use UltraDNS you would point your domain nameservers to UltraDNS which would in turn point to your server domains.

[brianoz]

Here's some reading on DNS which should help you make sense of it all - it's actually not that hard.

http://www.howstuffworks.com/dns.htm

http://www.faqs.org/docs/linux_netwo...wdnsworks.html

http://pigtail.net/LRP/dns-system.html

http://technet2.microsoft.com/Window....mspx?mfr=true

Enjoy

[TMM]

Thank you for the info, brianoz.

I realize my question was phrased rather poorly; what I was trying to ask it whether external DNS servers (such as those provided by UltraDNS) can be managed/updated through Cpanel? From what I have been told, there is supposed to be a function for setting up "clustered DNS" in WHM/Cpanel..

Thanks,

TMM

[brianoz]

No, they need to be updated through UltraDNS. They'll have a web interface though. It all depends on what you're trying to do!

[macooper]

If you want to use the cpanel clustering option, you would need to install this http://www.cpanel.net/products/dnsonly/index.htmon your linux servers and cluster it with cpanel.

Alternatively, you could setup secondary DNS directly with bind so that every time you create a domain in cpanel it gets reflected in your secondary DNS servers.

I would recommend using the cpanel dns only package (as it's free) unkess you ahve a specific reason to do things differantly. If you want to try using bind directly rather than through cpanel, http://www.zytrax.com/books/dns/has some very good info on how to set things up.

[cinu]

Physical location of DNS servers is not a big deal. You can have the DNS servers anywhere in the world where you have a decent connectivity.

Cluster solution is the best as both with will get updated, and if you are using cpanel/WHM for other servers, you should go for the cpanel nameserver version which gets synced up automatically.

[TMM]

Thanks for the comments, everyone..

Do you have experience using cPanel DNS Only, in terms of stability and quality? Any bugs or security issues that could be a concern - and does it take much work managing such a solution?

TMM

[cinu]

Installation is straight forward. You can download the free software from http://layer1.cpanel.net/, I am not aware of any security issues/bugs with the DNS only version. It's quite stable too..Once it is set you don't have much things to do for managing, except while adding new servers to the cluster. Adding new server is also a straight forward step and have enough tutorials available for the same.

[TMM]

So one should be able to install this on a local Linux server and/or a separate VPS, while using the WHM/Cpanel based DNS server included within our primary (hosting) VPS package to manage records?

Some people claim that running a DNS server takes a lot of work, due to security issues etc etc... but in your experience, this should not be the case, using the solution described?

[macooper]

Once setup, you should have very little trouble with the DNS server. However, before putting the DNS on a VPS, do make sure you have adequate resources for the number of queries the server is likely to process. The most common issue I have seen with DNS is due to overloaded DNS servers, resulting in timeouts during lookups. This is made worse by the fact that the majority of DNS lookups use UDP.

The only things you need to worry about security wise is to make sure you have resolvers separate to your authoritative servers, disable zone transfers to public hosts and ensure that recursion is disabled on your authoritative servers. Such a setup will prevent most DNS poisening attacks (which are currently on the increase).

Of course, you also have your normal server security to take care of for each server.

[TMM]

Martin,

Thanks a lot for the info. I have begun reading up on the site you recommended, and it seems there is much interesting knowledge to find...

TMM