Upgrade to Pro — share decks privately, control downloads, hide ads and more …

FLOSS DNS servers

FLOSS DNS servers

Jan-Piet Mens

March 17, 2016
Tweet

More Decks by Jan-Piet Mens

Other Decks in Technology

Transcript

  1. Multiple Choice Open Source DNS Servers Jan-Piet Mens March 2016

    @jpmens
  2. @jpmens: consultant, author, architect, part-time admin, small-scale fiddler, loves DNS,

    MQTT,  plain text, and things that work. Thought up OwnTracks, and made jo.
  3. a selection of open source DNS servers authoritative or recursive

    (or both)
  4. None
  5. dnsmasq  recursive, authoritative for /etc/hosts, DHCP (v4, v6), DNSSEC

    validation
  6. Unbound local-data, DNSSEC, dnssec-trigger, +win32, embeddable, fast, rate-limiting, extensible with

    Python, qname minimization
  7. NSD 4 very fast, TSIG + DNSSEC, zone compiler, root,


    addzone/delzone, and RRL
  8. BIND  full reference implementation, TSIG, DNSSEC, +win32, SDB, DLZ,

    RFC 2136, ram-hungry, RPZ, views, RRL
  9. BIND 10  completely different. Python, C++, REST, DHCP

  10. PowerDNS authoritative  lots of back-ends (SQL, LDAP, pipe), DNSSEC,

    master/slave/ native, supermaster, pdnsutil
  11. PowerDNS Recursor  local zones, serves /etc/hosts, DNSSEC validation, fast,

    monitoring, Lua
  12. Knot  master/slave, AXFR/IXFR, RFC 2136, addzone, reconfiguration, DNSSEC signing,

    RRL
  13. Knot DNS Resolver  DNSSEC, NTA, Lua, RFC 5011, {memcached|Redis}-backed

    cache, Graphite, etcd
  14. Yadifa  authoritative, DNSSEC, RFC 2136

  15. "I had ___, now ___, and it doesn't work" why

    did you break it?
  16. mens.de/:/book

  17. It's not always a fscking DNS problem.

  18. dnssexy.net dig it!