11 ISK - Adding Reverse DNS Servers and nother Tunnel.
Shadow Hawkins on Saturday, 15 June 2013 07:49:03
One of the DNS RFC's says we should have 3 nameservers. But I only have 11 ISK points now and I thought I read somewhere we are supposed to have at least 15 points to request anything. Is that correct?
Other than the tunnel and /48 I have setup via our CableTV/Internet connection I have access to one VPS with IPv6. I plan on getting a couple cheap DigitalOcean VPS's for the other two nameservers ($10 a month), but they aren't offering IPv6 yet. I could also use the SixXS tunnel/subnet for one of the nameservers for the reverse zone, but i don't think I would be comfortable using it for a forward zone, especially one that receives mail. I would like to setup three nameservers for the reverse DNS with IPv6 addresses as well as IPv4, but that would cost more than I want to spend right now. Does anyone have any recommendations?
If anyone has any suggestions for free, or very low cost, secondary DNS providers that include the feature of secure zone transfers and DNSSEC support, please let me know.
This past week the SixXS POP usqas01 experienced a bit of downtime, our Cable company did some maintenance and I have been working of the IPv6 firewall so the tunnel hasn't been up 24/7 this past week. I haven't setup monitoring to give an exact number, but I think we had somewhere between 4 and 8 hours downtime. Will that effect the 5 weekly ISK points?
I think I would also like to add two more tunnels so I can setup secure zone transfers via IPv6 to the IPv4 nameservers. And because I only have 11 ISK points now I think I should just add one reverse DNS server (1 ISK point) rather than three (3 ISK points) for the time being.
I should have requested another tunnel a couple weeks ago rather than a /48 subnet.
The Reverse_DNS_Zones wiki page says "reverse.name is a wildcard DNS server" and links to reverse.name, but it isn't an active site and I haven't found any info about that particular DNS server, does anyone know more about it?
11 ISK - Adding Reverse DNS Servers and nother Tunnel.
Jeroen Massar on Monday, 17 June 2013 05:07:30 One of the DNS RFC's says we should have 3 nameservers.
I don't see why that would be a "MUST" or even a "SHOULD". If you have at least one single stable one, should be fine. Typically two is good enough. But it depends on the stability, if they are throw-away boxes with bad connectivity, and one runs a business on them then that is not going to be proper.
But I only have 11 ISK points now and I thought I read somewhere we are supposed to have at least 15 points to request anything. Is that correct?
Yes, see the credit FAQ.
Does anyone have any recommendations?
You can always go for backup or hosted DNS from a variety of companies out there. DNSSEC is likely not to be given out for free though as it is a rather hefty feature. Then again, if they slave a server it might just work, unless they did not flick on the bits for their nameserver software to support DNSSEC.
Will that effect the 5 weekly ISK points?
Quite likely. See your user home and select the tunnel, there you will see a graph showing the latency and the holes reflecting the unreachability that it might have left.
[..] reverse.name [..] does anyone know more about it?
Sounds like the standard scripted DNS server trick, typically a PowerDNS with a little script can make a similar setup.
11 ISK - Adding Reverse DNS Servers and nother Tunnel.
Shadow Hawkins on Wednesday, 26 June 2013 07:16:02
Charles Peters II wrote:
I would like to setup three nameservers for the reverse DNS with IPv6 addresses as well as IPv4, but that would cost more than I want to spend right now. Does anyone have any recommendations?
If anyone has any suggestions for free, or very low cost, secondary DNS providers that include the feature of secure zone transfers and DNSSEC support, please let me know.
The danish gratisdns.dk is, as the name implies, completely free (as in beer).
It supports ipv4 amd ipv6, forward and reverse, and can act as a secondary.
It has 5 nameservers spread over the world, and at least one is even multihomed, i think.
On the downside, the support forum is run by a BOFH...
Posting is only allowed when you are logged in. |