What DNS to go for?

 
 
Eric Pozharski

 
      12-19-2008, 11:40 AM
(a long story short) My ISP's DNS is going nuts. For some time starting
at 2100 EEST both are pingable but primary is completely unresponsive on
port 53, and secondary blinks (let's call it this word). I've noted
that that happens now at 2000 EEST and 0400 EEST too.

I'm not interested in a static-FQDN with dynamic-IP (what's business
model for all of those free DNSes), I just need reliable DNS. So my
(ethical) question is: should I go upwards (finding DNS of my ISP), or
pick some (all?) roots?

Although I can think of two other options yet.

Picking some nameservers from debian.org -- since those people
generously provide me with NTP, I hope they won't hit me if I use their
DNS too.

Since I actually pay my e-mail provider (ha-ha, those 8 euros per year
is a lot of cash) (just for the record, my ISP provides me with neither
SMTP nor POP3 (or anything else)), maybe I can pick DNS there?

--
Torvalds' goal for Linux is very simple: World Domination
Stallman's goal for GNU is even simpler: Freedom
 
Robert

 
      12-19-2008, 08:43 PM
On Fri, 19 Dec 2008 14:40:50 +0200, Eric Pozharski wrote:

> (a long story short) My ISP's DNS is going nuts. For some time starting
> at 2100 EEST both are pingable but primary is completely unresponsive on
> port 53, and secondary blinks (let's call it this word). I've noted
> that that happens now at 2000 EEST and 0400 EEST too.
>
> Picking some nameservers from debian.org -- since those people
> generously provide me with NTP, I hope they won't hit me if I use their
> DNS too.


Why not run your own caching-dns server?

Check out the following:

http://tldp.org/HOWTO/DNS-HOWTO-3.html


--

Regards
Robert

Linux User #296285
http://counter.li.org

 
Eric Pozharski

 
      12-20-2008, 08:48 AM
On 2008-12-19, Oleksandr Samoylyk <(E-Mail Removed)> wrote:
> Eric Pozharski wrote:
>> (a long story short) My ISP's DNS is going nuts. For some time
>> starting at 2100 EEST both are pingable but primary is completely
>> unresponsive on port 53, and secondary blinks (let's call it this
>> word). I've noted that that happens now at 2000 EEST and 0400 EEST
>> too.
>>

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
>> I'm not interested in a static-FQDN with dynamic-IP (what's business
>> model for all of those free DNSes), I just need reliable DNS. So my

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> (ethical) question is: should I go upwards (finding DNS of my ISP),
>> or pick some (all?) roots?
>>
>> Although I can think of two other options yet.
>>
>> Picking some nameservers from debian.org -- since those people
>> generously provide me with NTP, I hope they won't hit me if I use
>> their DNS too.
>>
>> Since I actually pay my e-mail provider (ha-ha, those 8 euros per
>> year is a lot of cash) (just for the record, my ISP provides me with
>> neither SMTP nor POP3 (or anything else)), maybe I can pick DNS
>> there?
>>

> Some ideas:
> - Set up own caching DNS server using BIND, PowerDNS, etc.

{3553:22} [0:0]$ cat /etc/resolv.conf
# /etc/resolv.conf

#Mon Dec 12 14:55:46 EET 2005 -- moved to eth0
#nameserver 127.0.0.1
nameserver 192.168.0.1

> - Use free DNS resolution service, e.g. OpenDNS (208.67.222.222,
> 208.67.220.220), DNS Advantage (156.154.70.1, 156.154.71.1), etc.
> Most of them implement anycast technology, but check the latency and
> response time anyway.

Reading problems? (highlighted above)

> - Write about these issues to (E-Mail Removed)

The problem "have I drivers installed?" was already discussed 15 months
ago. Uninteresting anymore.

--
Torvalds' goal for Linux is very simple: World Domination
Stallman's goal for GNU is even simpler: Freedom
 
Wolfgang Draxinger

 
      12-22-2008, 09:30 AM
Eric Pozharski wrote:

> Although I can think of two other options yet.


I got a third one: Run your own DNS cache. The only drawback is,
that it adds a bit of latency.

I recommend using dnscache from the excellent djbdns package.
There are two usage scenarios:

Run the cache on your workstation
<http://cr.yp.to/djbdns/run-cache.html>

Run the cache on a dedicated machine (possibly your
router/gateway) in your network
<http://cr.yp.to/djbdns/run-cache-x.html>

Wolfgang Draxinger
--
E-Mail address works, Jabber: (E-Mail Removed), ICQ: 134682867

 
Wolfgang Draxinger

 
      12-22-2008, 09:34 AM
Wolfgang Draxinger wrote:

> Eric Pozharski wrote:
>
>> Although I can think of two other options yet.

>
> I got a third one: Run your own DNS cache. The only drawback
> is, that it adds a bit of latency.
>
> I recommend using dnscache from the excellent djbdns package.
> There are two usage scenarios (...)


I forgot to mention, that you've to update the list of root
servers from time to time.

<http://thedjbway.org/djbdns/dnsroots.html> describes a few
methods. I prefer the "a better method" one:

# mv /etc/dnsroots.global /etc/dnsroot.global.old
# dnsip `dnsqr ns . | awk '/answer:/ { print $5; }' | sort` \
    > /etc/dnsroots.global

# cp /etc/dnsroots.global /service/dnscache/root/servers/@
# svc -du /service/dnscache

Wolfgang Draxinger
--
E-Mail address works, Jabber: (E-Mail Removed), ICQ: 134682867
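
Added example, not part of Wolfgang Draxinger's post: the refresh above writes whatever the currently configured resolver returns straight into /etc/dnsroots.global, so a failing upstream can leave dnscache with an empty or partial root list. This sketch checks the new list before installing it; the function names, the /tmp/roots.new path and the 13-address minimum are assumptions.

```sh
#!/bin/sh
# Added example: sanity-check a regenerated root-server list before it
# replaces the one dnscache uses. Function names are hypothetical.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# non_public ADDR: succeed for loopback, link-local and RFC 1918 ranges,
# which cannot be a public root server.
non_public() {
    case "$1" in
        0.*|10.*|127.*|169.254.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# check_roots FILE [MIN]: one public IPv4 address per line, at least MIN
# lines (default 13, one per root server letter a-m; an assumption here).
check_roots() {
    file=$1 min=${2:-13} count=0
    [ -s "$file" ] || { echo "empty or missing: $file" >&2; return 1; }
    while IFS= read -r addr || [ -n "$addr" ]; do
        valid_ipv4 "$addr" || { echo "bad line: '$addr'" >&2; return 1; }
        non_public "$addr" && { echo "non-public: $addr" >&2; return 1; }
        count=$((count + 1))
    done < "$file"
    [ "$count" -ge "$min" ] || { echo "only $count addresses" >&2; return 1; }
}

# install_roots NEW LIVE [MIN]: back up LIVE and swap NEW in with a rename,
# or leave LIVE untouched when NEW fails the checks.
install_roots() {
    new=$1 live=$2
    check_roots "$new" "${3:-13}" || { echo "keeping $live" >&2; return 1; }
    [ -f "$live" ] && cp -p "$live" "$live.old"
    cp "$new" "$live.tmp" && mv "$live.tmp" "$live"
}

# With the commands from the post (as root; /tmp/roots.new is a placeholder):
#   dnsip `dnsqr ns . | awk '/answer:/ { print $5; }' | sort` > /tmp/roots.new
#   install_roots /tmp/roots.new /etc/dnsroots.global &&
#     cp /etc/dnsroots.global /service/dnscache/root/servers/@ &&
#     svc -du /service/dnscache
```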

 
General Schvantzkoph

 
      12-22-2008, 03:43 PM
On Fri, 19 Dec 2008 14:40:50 +0200, Eric Pozharski wrote:

> (a long story short) My ISP's DNS is going nuts. For some time starting
> at 2100 EEST both are pingable but primary is completely unresponsive on
> port 53, and secondary blinks (let's call it this word). I've noted
> that that happens now at 2000 EEST and 0400 EEST too.
>
> I'm not interested in a static-FQDN with dynamic-IP (what's business
> model for all of those free DNSes), I just need reliable DNS. So my
> (ethical) question is: should I go upwards (finding DNS of my ISP), or
> pick some (all?) roots?
>
> Although I can think of two other options yet.
>
> Picking some nameservers from debian.org -- since those people
> generously provide me with NTP, I hope they won't hit me if I use their
> DNS too.
>
> Since I actually pay my e-mail provider (ha-ha, those 8 euros per year
> is a lot of cash) (just for the record, my ISP provides me with neither
> SMTP nor POP3 (or anything else)), maybe I can pick DNS there?


I'm not clear if you are asking about DNS lookups or about hosts for your
domain?

If you are asking about DNS lookups then all you need to do is install
bind and run your own DNS server. If you are looking for someone to
handle your domain then dyndns.org is a good choice. I use them to handle
my personal domain. They work with both dynamic and static IPs. If you
use one of their domains for your dynamic IP it's free, if you have them
handle your own domain then it's a small charge ($27.50/year).
 
Jacob Tranholm

 
      12-22-2008, 03:45 PM
Wolfgang Draxinger wrote:
> Eric Pozharski wrote:
>
>> Although I can think of two other options yet.

>
> I got a third one: Run your own DNS cache. The only drawback is,
> that it adds a bit of latency.
>
> I recommend using dnscache from the excellent djbdns package.
> There are two usage scenarios:
>
> Run the cache on your workstation
> <http://cr.yp.to/djbdns/run-cache.html>
>
> Run the cache on a dedicated machine (possibly your
> router/gateway) in your network
> <http://cr.yp.to/djbdns/run-cache-x.html>
>
> Wolfgang Draxinger



In my personal experience I would follow your advice...

DJBDNS is from a security point of view far better than for instance
BIND (my opinion). I am personally using dnscache at quite a few servers
as intranet DNS-servers (and also tinydns and axfrdns at other servers
and/or interfaces), and this is my preferred program for handling DNS.

--
Best regards Jacob Tranholm <http://jtranholm.dk/>
Karl R. Popper: Observation statements and statements of experimental
results are always interpretations of the facts observed.
 
Eric Pozharski

 
      12-23-2008, 02:32 AM
On 2008-12-22, General Schvantzkoph <(E-Mail Removed)> wrote:
> On Fri, 19 Dec 2008 14:40:50 +0200, Eric Pozharski wrote:
>
>> (a long story short) My ISP's DNS is going nuts. For some time starting
>> at 2100 EEST both are pingable but primary is completely unresponsive on
>> port 53, and secondary blinks (let's call it this word). I've noted
>> that that happens now at 2000 EEST and 0400 EEST too.
>>
>> I'm not interested in a static-FQDN with dynamic-IP (what's business
>> model for all of those free DNSes), I just need reliable DNS. So my
>> (ethical) question is: should I go upwards (finding DNS of my ISP), or
>> pick some (all?) roots?
>>
>> Although I can think of two other options yet.
>>
>> Picking some nameservers from debian.org -- since those people
>> generously provide me with NTP, I hope they won't hit me if I use their
>> DNS too.
>>
>> Since I actually pay my e-mail provider (ha-ha, those 8 euros per year
>> is a lot of cash) (just for the record, my ISP provides me with neither
>> SMTP nor POP3 (or anything else)), maybe I can pick DNS there?

>
> I'm not clear if you are asking about DNS lookups or about hosts for your
> domain?
>
> If you are asking about DNS lookups then all you need to do is install
> bind and run your own DNS server. If you are looking for someone to


Is it really that hard to read out that thread?
news:(E-Mail Removed)

Is it really that hard to read RFC1034? And pay a little attention to
section 2.3? What would happen when refresh period expires? That's not
personal, forget it.

> handle your domain then dyndns.org is a good choice. I use them to handle
> my personal domain. They work with both dynamic and static IPs. If you
> use one of their domains for your dynamic IP it's free, if you have them
> handle your own domain then it's a small charge ($27.50/year).


$#@!

--
Torvalds' goal for Linux is very simple: World Domination
Stallman's goal for GNU is even simpler: Freedom
 
Walter Mautner

 
      12-23-2008, 03:03 PM
Eric Pozharski wrote:

.....
>> If you are asking about DNS lookups then all you need to do is install
>> bind and run your own DNS server. If you are looking for someone to

>
> Is it really that hard to read out that thread?
> news:(E-Mail Removed)


>   vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
>> I'm not interested in a static-FQDN with dynamic-IP (what's business
>> model for all of those free DNSes), I just need reliable DNS. So my

   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

No one urges you to acquire one.

> Is it really that hard to read RFC1034? And pay a little attention to
> section 2.3? What would happen when refresh period expires? That's not
> personal, forget it.
>

WTF? What has running your own caching nameserver (with free choice of
forwarders) to do with a business domain?
You can have any .local domain you like ... for your own network, or even
your local host and a few vms running on that. Without registration. No
fees.
Btw., most distributions update bind - including the root servers and certs -
regularly.

--
vista policy violation: Microsoft optical mouse found penguin patterns
on mousepad. Partition scan in progress to remove offending
incompatible products. Reactivate MS software.
Linux 2.6.24. [LinuxCounter#295241,ICQ#4918962]
 
Eric Pozharski

 
      12-24-2008, 08:39 AM
On 2008-12-23, Walter Mautner <(E-Mail Removed)> wrote:
> Eric Pozharski wrote:
>
> ....
>>> If you are asking about DNS lookups then all you need to do is install
>>> bind and run your own DNS server. If you are looking for someone to

>>
>> Is it really that hard to read out that thread?
>> news:(E-Mail Removed)

>
>>   vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
>>> I'm not interested in a static-FQDN with dynamic-IP (what's business
>>> model for all of those free DNSes), I just need reliable DNS. So my

>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> No one urges you to acquire one.


Just checked -- score is 2-2


>> Is it really that hard to read RFC1034? And pay a little attention to
>> section 2.3? What would happen when refresh period expires? That's not
>> personal, forget it.
>>

> WTF? What has running your own caching nameserver (with free choice of
> forwarders) to do with a business domain?


Didn't get it. Should I read two last words in reverse order?

*SKIP*
> Btw., most distributions update bind - including the root servers and certs -
> regularly.


Does it mean that a common habit is to go for roots from the beginning?


--
Torvalds' goal for Linux is very simple: World Domination
Stallman's goal for GNU is even simpler: Freedom
 