On Mon, 14 Oct 2013, Doug Barton wrote:
We of the DNS literati tend to forget just how difficult this stuff really is, and how hard it is for companies to prioritize spending money on things that usually "just work."
I'm a little concerned at the answers here. Surely a recursive resolver is one of the simplest services in the world to configure? You basically enable it, make sure recursion is on[1] and update DHCP or whatever to use it. Add another server for luck and put a "Turning this off breaks Internet" sticker on it if you want it robust.
I'm not entirely sold on using Google DNS or OpenDNS. In my case there are/were several thousand km and and few counties away so didn't produce the best performance, they also introduce a dependence on upstream services several hops away.
[1] If it is inside the firewall ignore the ACLs, Also ignore the logs cause nobody will read them anyway. That leaves about a 6 line bind config.
-- Simon Lyall | Very Busy | Web: http://www.darkmere.gen.nz/ "To stay awake all night adds a day to your life" - Stilgar | eMT. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
