After plenty of procrastinating, I am finally putting the final touches on a migration to PowerDNS. Over the past years I have experimented with and run a wide variety of name servers. First BIND (I still have my BIND book on the bookshelf), then djbdns (aka tinydns), then MyDNS, and now, of course, PowerDNS.
Why this constant shift and change? BIND is a fantastic nameserver that runs the majority of DNS for the planet; there have just been one too many exploits, and this started my adventure. djbdns is a great, secure, simple DNS system – the only problem is, it’s not BIND, and when you need to perform zone transfers this becomes a problem. djbdns also requires a split between authoritative and recursive (tinydns and dnscache) services for security; while I agree this is the best way to do this, it’s an annoying configuration when you want to have a simple platform. MyDNS has been a cool piece of software: fast, easy administration direct from MySQL, real-time queries to/from MySQL, etc. My problem again: zone transfers have been a pain – and for critical systems I like having as few moving pieces as possible. Redundant DNS servers don’t work very well when your DB goes down. Which brings me to PowerDNS…
PowerDNS, I hope, will bring me the best of all worlds. I can zone transfer, which is a very important thing; I can run the primary against a DB, which makes administration so much easier; and at this point, the system is stable, secure and fast.
Once the cutover is completed, the next step will be moving this onto a BGP anycast for true GSLB (geographic server load balancing) and redundancy.