Proper way to setup DNS cluster

kontam Member
edited March 2013 in Help

Hello everyone,

I want to learn more about how DNS works so I'm setting up my own DNS cluster of two servers to serve my website on a third server.

1. Type of software
Which DNS software should I choose? I'd like to hear opinions from hands-on experience: BIND, djbdns, NSD, PowerDNS, and most importantly, why?

2. Authoritative vs Recursive?
Which one would serve me better? I still don't quite understand the difference between these two.

So how should I go about it? I don't want complete solutions such as automated scripts or complete solutions such as cPanel DNSonly, I want to learn so I need to set up master and slave manually. So as I see it, my website server (1.1.1.1) has many domains hosted on it and I want to set up two different nameservers to serve my website. One DNS server is master (1.1.1.2) and another one is a slave (1.1.1.3). Each time a query is made, the DNS server looks it up on the master, a slave is only a copy.

Every guide I've read so far is confusing, I don't know how to set them up properly. Is anyone willing to go help me with this one? I was thinking of either OpenBSD or CentOS for server software.


Comments

  • fly Member
    edited March 2013

    meh centos

    nsd3 all the way:

    http://blog.voltaire.sh/2012/08/09/nsd3-configuration/

    I would fiddle around with setting up your own slave, but then once you get the gist of it, I would run a hidden master on your VPS while using your provider's DNS servers as slaves. For example, I'm using Linode's, while you can also use any other provider that supports AXFR, like dns.he.net or rage4.

    Take a look at setting up dnssec as well:

    http://blog.voltaire.sh/2013/02/13/dnssec-on-nsd3/
    http://www.nlnetlabs.nl/publications/dnssec_howto/

  • mikho Member, Host Rep
    edited March 2013
  • Neo Banned

    PowerDNS and Mysql Replication ;D

  • We're using MyDNS-NG in a master/client configuration, and quite like it. The cluster is serving about 4000 zones, and the slaves can run on 128mb VPS instances without issue.

  • Neo Banned

    Yeah you can use 2x 128MB VPS's for it.

  • raindog308 Administrator, Veteran

    I used to use nsd3 before I decided my needs were simple and my registrar could have the work.

    I didn't use slaves with inter-node syncing...just had a script that pushed out configs to each server and forced a reload. My updates weren't that frequent and it was simple.

  • sleddog Member
    edited March 2013

    @kontam said: I want to learn so I need to set up master and slave manually. So as I see it, my website server (1.1.1.1) has many domains hosted on it and I want to set up two different nameservers to serve my website. One DNS server is master (1.1.1.2) and another one is a slave (1.1.1.3). Each time a query is made, the DNS server looks it up on the master, a slave is only a copy.

    The master DNS server is where you maintain your zones and make changes: add, remove, modify zones. These changes are then propagated to one or more slave servers. The master and slaves are all authoritative for your domains. A dns query for one of your domains might go to either of your dns servers, and it should receive exactly the same response from each server.

  • dano Member
    edited March 2013

    I personally like the PowerDNS with MySQL primary-secondary-etc situation myself. I currently run this config on one project, and it's been almost maintenance free - I can create a record in the web-based control panel I have on the master, and when I check the table in a remote node, it's always been updated also. This config is very flexible though, and I prefer it to Bind on any day.

  • Thank you all so very much. I've read all those articles which links you posted here. I actually wanted to hear the reason behind using mydns or powerdns. Do I have to add zones manually with all of them?

    @sleddog you mentioned authoritative word, can you give me an example of recursiveness?

    I keep reading that BIND is de facto a standard in the industry, but is as well very vulnerable.

  • raindog308 Administrator, Veteran

    Just remembered I wrote an NSD tutorial:

    http://freevps.us/thread-2349.html

  • sleddog Member
    edited March 2013

    @kontam said: you mentioned authoritative word, can you give me an example of recursiveness?

    If you run a recursive nameserver, then it can be used to resolve domains that you do not control.

    For example, if your nameservers are recursive, I could send a dns request to your nameserver for "microsoft.com" and your nameserver would provide a response.

    If your nameservers are "authoritative-only", then they provide responses for only your domains -- the domains you have configured (and the ones you have set at the registrar to use your nameservers). In this case, a dns query for "microsoft.com" would be refused.

    When you run your own nameservers, you absolutely want them to be authoritative-only. Allowing them to be recursive opens the door for various kinds of nastiness.

    Thanked by 1Mridul
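The distinction sleddog describes can be checked from the DNS header of a reply. This is an added example, not code from any poster in the thread: it sends (or, offline, parses) a query for a name the server does not host and reads the RA flag, RCODE and answer count. The function names and the two sample replies are constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """A-record query with RD (recursion desired) set, as a stub resolver sends it."""
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_header(msg):
    """Decode the fixed 12-byte DNS header (RFC 1035, section 4.1.1)."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "ra": bool(flags & 0x0080), "rcode": RCODES.get(flags & 0x000F, "OTHER"),
            "answers": an}

def classify(response, txid=0x1234):
    """Judge a reply to a query for a name this server does NOT host."""
    h = parse_header(response)
    if not h["qr"] or h["id"] != txid:
        return "invalid"
    if h["rcode"] == "NOERROR" and h["answers"] > 0:
        return "open-recursive"        # it resolved someone else's domain
    if h["ra"]:
        return "recursion-advertised"  # RA set: recursion is offered to this client
    return "authoritative-only"        # REFUSED or an empty referral, RA clear

def probe(server_ip, foreign_name="microsoft.com", timeout=3.0):
    """Send the query over UDP to your own nameserver and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(foreign_name), (server_ip, 53))
        return classify(s.recvfrom(512)[0])

# Constructed sample replies (not captured traffic); 192.0.2.1 is a documentation address.
_QUESTION = build_query("microsoft.com")[12:]
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0) + _QUESTION
SAMPLE_RECURSED = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + _QUESTION
                   + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1]))

if __name__ == "__main__":
    print(classify(SAMPLE_REFUSED), classify(SAMPLE_RECURSED))
```

Run `probe()` against each of your own nameservers from a host outside your network; anything other than `authoritative-only` means recursion is still reachable from the public side.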
  • @raindog I've seen your tutorial before, it's good, thank you for posting.

    @sleddog thank you very much, you have explained to me in few simple words what complete articles couldn't.

    One more question for you guys. Which DNS software except BIND doesn't need to be restarted after adding zones? And what's the easiest way to automate adding zones? Thanks, you have all been so helpful.

  • gbshouse Member, Host Rep

    @kontam - you can try PowerDNS with MySQL backend. If you need third party DNS feel free to contact me via PM for some extra Rage4 DNS free usage tier ;)

  • Powerdns any day. The guide mikho is mentioning is a repost of an old guide and that is highly out of date.

  • mikho Member, Host Rep

    @blergh_
    Not a repost at all, I did the setup on two buyvm yearly vps. I did however read some outdated guides to point me in the right direction ( solus being one of them ).

  • DalComp Member
    edited March 2013

    @MikHo, Most important thing is that it's working. And now I have 4 DNS servers up and running, all by following your guide. Keep the site updated! ;)

  • mikho Member, Host Rep

    Thank you @DalComp
    There are one or two more 'guides' scheduled for this week. They are held back since I'm not really happy with the "flow" when reading them.

  • My vote for Bind.. It was very easy to set up the master and 2 slaves on VPS and running fine since last 1.5 years..

  • mikho Member, Host Rep

    @blergh_

    Never seen that site before, but it's the internet. Still a lot more to explore.

  • I've setup master and slave DNS with PowerDNS and MySQL using the guide MikHo posted: http://www.lowendguide.com/database/powerdns-cluster-with-poweradmin-web-interface/

    I don't want anything else running on my name servers so I'll have to add zones manually through the console. Are there any templates on how to do that?

    Thanks everyone for being so helpful. I decided to go with the PowerDNS, we'll see how it goes.

  • BTW: March 3: The post is now updated with a note that it is not recommended to be enabled on public servers.

    What is that?

  • @kontam said: BTW: March 3: The post is now updated with a note that it is not recommended to be enabled on public servers.

    What is that?

    Was in reference to recursion. Recursion on a public server is asking for abuse

  • Oh that, thanks.

    It's been almost 24h and my dns is not switching. I have glue records setup pointing ns1 and ns2 to my two nameservers and have setup a record for my domain.com pointing to my server IP. It's still showing the old website.

    Could it be that poweradmin hasn't correctly added the zone file? I can't find the zone file location to check manually. Where is this located? I'm using PowerDNS.

  • @kontam said: Could it be that poweradmin hasn't correctly added the zone file? I can't find the zone file location to check manually. Where is this located? I'm using PowerDNS.

    Check the database file

  • Table 'records' is fine. I have no option but to wait, it's been more than 15h so far and it has never ever taken more than a few hours before when I changed nameservers on different servers.

  • You sure it's not DNS cache?
    Check out https://developers.google.com/speed/public-dns/

  • I flushed dns cache on my PC, still no change. I remember propagation taking too long when I've setup a whm/cpanel server with self-owned nameservers. Also took long to propagate, but after that it's been working very quickly. Maybe this is the same case. We'll see. Thank you.

  • Amfy Member

    @kontam said: I flushed dns cache on my PC, still no change. I remember propagation taking too long when I've setup a whm/cpanel server with self-owned nameservers. Also took long to propagate, but after that it's been working very quickly. Maybe this is the same case. We'll see. Thank you.

    Not sure what you are talking about, but try dig yourdomain.com @ns1.yourdns.com

    Dig even supports some kind of tracing stuff, etc. Pretty helpful for debugging :)

  • It says ns1.domain.com couldn't get address for. That can't be, I have ns1.domain.com in my godaddy cpanel setup correctly with the IP pointing to my nameserver where pdns is up.
