Weblog entry #3 for nole
Today I use a company that offers nameservers, DNS and redirection, and while it is rather cheap I'm getting more and more curious as to how hard it would be to run a private system for these services and just need to deal with the primary supplier of the address. I love to read, so any links to more information on setting up, running or how stuff like this works are greatly appreciated.
Thanks
//Nole.
Comments on this Entry
Outsourced hosting is awfully cheap. For personal uses, I end up paying $8/month for a shared host with secure shell access and web, smtp, and imap services enabled. I can do a whole lot of stuff with ssh access -- set up any PHP/SQL web applications, install Trac (well, I do have to get them to add one entry into my host configuration for Trac to be finished), install Wordpress, etc. If I had to have root access on my own virtual server, I could get that for $18-90/month, depending on its specifications. And a dedicated physical server with some level of support at the hosting company would be $160-290/month, depending on specifications.
The main point with all this is that if you have job tasks other than systems administration, and your primary goal is having the usual web and internet services available to your coworkers, you may find the most economical route is to do as little as possible in-house. At work, my duties are split between IT work and engineering, and I manage a ton of services in-house (web, CMS, email, mailing lists, ftp mirror, blog host, file server, compute cluster nodes). But most/all of those services are in house because I already had some years of ISP systems administration experience beforehand, and the central IT folks couldn't provide for some of the more esoteric needs we had. Plus, since we run Debian, we could just use old hardware for testing purposes, and then install on real servers if needed.
If you still want the DIY route, and have some time to spend, I'd probably set up an account at dyndns.org so that you can have a fixed DNS name point to your home internet connection, install Debian (or whatever, but this is a Debian site you're on), and have your internet router forward web, smtp, or whatever traffic to the Debian server. Search here or howtoforge.com for instructions on setting up web, email or whatever services you're interested in. I probably would not experiment at work with anything people rely on for business, especially if this was my first foray into systems administration.
Short form: if it's critical and you're new to all this, outsource it for now. Build up experience with non-critical environments, and then you'll be ready to evaluate if any of it is worth bringing back in-house.
[ Parent | Reply to this comment ]
It's not for work (they would surely not pay me to devote a large amount of time to something we can buy for $20/month) but for home, since I just got a dedicated 100Mbit connection with five static IPs connected to my home, and since I'm not into downloading movies/music and really would like to learn this stuff I thought I'd give it a try :) Thanks for the tips so far.
[ Parent | Reply to this comment ]
In the case of DNS, as long as you've got the static IPs, then that's all you'd need from your ISP. From there, it's a matter of setting up authoritative DNS servers for your domain, registering that domain if necessary, or modifying an existing domain to point to your new DNS servers' IP addresses. At least at one time, it was recommended to have authoritative DNS servers on separate networks for redundancy and disaster-proofing, but I don't know if that's still recommended. Since most places don't even bother with redundant data centers, I'd guess it's not at all common.
At least back in the day, the O'Reilly DNS and BIND book was the standard text for setting that stuff up. But I don't run DNS of any complexity any more. At work, I just get addresses added into the main DNS when needed, and at home, I run a pretty simple split-horizon setup with MaraDNS that makes my homeunix.net address resolve to a private local IP when I'm at home.
I'll also take this opportunity to pimp my infrastructure management pages if you're looking to do more systematic installation and maintenance of these systems.
[ Parent | Reply to this comment ]
"Why is this so important for email?" you might ask. If your DNS servers are not available when someone wants to visit your website, they will hopefully just try again later. High DNS server availability is really more important than high email server availability, because if the email server is temporarily down, the sender's mail server will just try again later. If your DNS is down, however, the email will not be delivered at all and the sender will get a more or less cryptic error message.
/MBL
[ Parent | Reply to this comment ]
But there are also people and companies who offer secondary (and some even primary) DNS for free as a service.
If you understand Danish (or Swedish or Norwegian) I'd recommend <http://www.gratisdns.dk/>.
/MBL
[ Parent | Reply to this comment ]
//Nole.
[ Parent | Reply to this comment ]
100% of those running their own DNS had issues with the configuration of their DNS.
It was very noticeable that folks who used big ISPs to provide DNS service had a better setup - more likely to have correct delegation, and an off-network name server.
All those with perfect DNS setups, which I defined as name servers in at least two distinct routing domains, delegation all correct, not providing recursion on authoritative name servers, and no obvious oddities, were with two of the largest UK ISPs. I think they need to be large enough to have dedicated DNS staff who have nothing better to do than make sure the DNS is working right, and complying with all relevant RFCs and Best Practice guidelines.
Since you need to get a third party to arrange delegation of the DNS, and most registrars provide managed DNS services, unless you have a lot of domains it probably pays most people just to use their ISP or a big DNS provider.
DNS is easy to set up, but I think keeping it well maintained is a job, and the work scales with the (number of name servers)x(number of variations in domain delegations)x(number of TLD/registries). So if you have a lot of identically delegated domains, on the same set of name servers, in the same top level domain, it is pretty straightforward, but that situation never lasts!
I maintain 4 authoritative DNS servers on two networks to host several thousand domain names for the day job, amongst other roles; doing it again we would outsource this. When my employers started doing it in-house outsourcing wasn't a realistic option.
DNS and BIND is a great book - Cricket is a clever and amiable chap - but I'd recommend using it to figure out which providers really know their stuff, or for running big internal DNS setups.
[ Parent | Reply to this comment ]
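The checks listed in the comment above (name servers in at least two routing domains, matching delegation, no recursion on authoritative servers) can be scripted; the following is an added example, not part of the original thread. It assumes the caller supplies each server's origin AS number as a stand-in for its routing domain and a raw response to an SOA query sent with RD set; treating a non-authoritative answer as a delegation fault is also an assumption, and all names, AS numbers and headers are constructed.

```python
import struct

QR, AA, RA = 0x8000, 0x0400, 0x0080  # header flag bits (RFC 1035, section 4.1.1)

def header_flags(response: bytes) -> int:
    """Return the 16-bit flags word from a raw DNS response."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _id, flags = struct.unpack("!HH", response[:4])
    if not flags & QR:
        raise ValueError("not a response")
    return flags

def audit(parent_ns, child_ns, servers):
    """parent_ns: NS names the registry delegates to.
    child_ns: NS names published at the zone apex.
    servers: {ns_name: (origin_asn, raw_response)} (hypothetical input shape)."""
    findings = []
    parent = {n.lower().rstrip(".") for n in parent_ns}
    child = {n.lower().rstrip(".") for n in child_ns}
    if parent != child:
        findings.append("delegation mismatch: " + ", ".join(sorted(parent ^ child)))
    if len({asn for asn, _ in servers.values()}) < 2:
        findings.append("all name servers in one routing domain")
    for name, (_asn, raw) in sorted(servers.items()):
        flags = header_flags(raw)
        if not flags & AA:
            findings.append(f"{name}: lame (answer not authoritative)")
        if flags & RA:
            findings.append(f"{name}: offers recursion")
    return findings

def _hdr(flags):
    # Constructed 12-byte header: id, flags, 1 question, 1 answer.
    return struct.pack("!HHHHHH", 0x1234, flags, 1, 1, 0, 0)

# Constructed sample data; 64512 and 64513 are private-use AS numbers.
GOOD = {"ns1.example.net": (64512, _hdr(0x8500)),   # QR|AA|RD
        "ns2.example.org": (64513, _hdr(0x8500))}
BAD = {"ns1.example.net": (64512, _hdr(0x8580)),    # QR|AA|RD|RA
       "ns2.example.net": (64512, _hdr(0x8100))}    # QR|RD, no AA

if __name__ == "__main__":
    print(audit(["ns1.example.net.", "ns2.example.org."],
                ["NS1.example.net", "ns2.example.org"], GOOD))
    for line in audit(["ns1.example.net", "ns2.example.net"],
                      ["ns1.example.net", "ns3.example.net"], BAD):
        print(line)
```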