FLOSS DNS servers

Transcript

1. Multiple Choice
   Open Source DNS Servers
   Jan-Piet Mens March 2016

   @jpmens

2. @jpmens: consultant, author, architect, part-time admin, small-scale fiddler, loves DNS,

   MQTT,
   plain text, and things
   that work. Thought up OwnTracks, and made jo.
   

3. a selection of open source DNS servers authoritative or recursive

   (or both)
4. None

5. dnsmasq
   recursive, authoritative for /etc/hosts, DHCP (v4, v6), DNSSEC

   validation

6. Unbound
   local-data, DNSSEC, dnssec-trigger, +win32, embeddable, fast, rate-limiting, extensible with

   Python, qname minimization

7. NSD 4
   very fast, TSIG + DNSSEC, zone compiler, root,


   addzone/delzone, and RRL

8. BIND
   full reference implementation, TSIG, DNSSEC, +win32, SDB, DLZ,

   RFC 2136, ram-hungry, RPZ, views, RRL

9. BIND 10
   completely different. Python, C++, REST, DHCP

10. PowerDNS authoritative
    lots of back-ends (SQL, LDAP, pipe), DNSSEC,

    master/slave/ native, supermaster, pdnsutil

11. PowerDNS Recursor
    local zones, serves /etc/hosts, DNSSEC validation, fast,

    monitoring, Lua

12. Knot
    master/slave, AXFR/IXFR, RFC 2136, addzone, reconfiguration, DNSSEC signing,

    RRL

13. Knot DNS Resolver
    DNSSEC, NTA, Lua, RFC 5011, {memcached|Redis}-backed

    cache, Graphite, etcd

14. Yadifa
    authoritative, DNSSEC, RFC 2136

15. "I had ___, now ___, and it doesn't work"
    why

    did you break it?

16. mens.de/:/book

17. It's not always a fscking DNS problem.

18. dnssexy.net
    dig it!