Tech: VPS - own nameserver or Cloudflare?

  • Paul&John
    Confirmed User
    • Aug 2005
    • 8643

    #1

    Tech: VPS - own nameserver or Cloudflare?

    Hi!

    So far I've used CF free, didn't bother setting up a nameserver. According to this it shouldn't be super hard. So what are the cons and pros of having your own nameserver? Actually I can't really think of any pros, just cons:

    - time to set it up + extra room for major fuckups
    - revealing your server's IP (unless you have an MX record set to your server at CF?)
    - CF's DNS should be faster + more reliable?

    Thanks.
  • Ferus
    Bye - Left to do stuff
    • Feb 2013
    • 4108

    #2
    Don't - in case your infrastructure is down - including your SOA - you are fucked.
    Use Amazon, Namecheap or something that has MFA validation and a secure setup (with DNSSEC), and focus on building your sites instead


    • Paul&John
      Confirmed User
      • Aug 2005
      • 8643

      #3
      Definitely not the answer I was expecting but I'm glad to hear this. Thanks.

      • sandman!
        Icq: 14420613
        • Mar 2001
        • 15431

        #4
        Unless you're expecting to get a DDoS attack there is no reason not to run your own DNS.

        This is assuming you are not using DNS for geo load balancing and other shit.

        Assuming you're running a single server/VM with some sites on it, there's no reason not to run your own; people ran their own DNS for years before Cloudflare existed.

        • Ferus
          Bye - Left to do stuff
          • Feb 2013
          • 4108

          #5
          Originally posted by sandman!
          Unless you're expecting to get a DDoS attack there is no reason not to run your own DNS.

          This is assuming you are not using DNS for geo load balancing and other shit.

          Assuming you're running a single server/VM with some sites on it, there's no reason not to run your own; people ran their own DNS for years before Cloudflare existed.
          Not trying to be an ass, but this is your own service - If you (as a hosting provider) can't keep your DNS in check, why should anyone else risk it?


          • sandman!
            Icq: 14420613
            • Mar 2001
            • 15431

            #6
            My DNS works fine; ns3 is not active, it's a new name server I plan on deploying.

            Originally posted by Ferus
            Not trying to be an ass, but this is your own service - If you (as a hosting provider) can't keep your DNS in check, why should anyone else risk it?


            • Ferus
              Bye - Left to do stuff
              • Feb 2013
              • 4108

              #7
              Originally posted by sandman!
              My DNS works fine; ns3 is not active, it's a new name server I plan on deploying.
              NS3 first seen 2019-07-20

              You have both the primary and secondary DNS in the same subnet at the same location, and nobody running a business should run a risk like that, when it's so easy to mitigate.

              Secondary servers must be placed at both topologically and
              geographically dispersed locations on the Internet, to minimise the
              likelihood of a single failure disabling all of them.

              That is, secondary servers should be at geographically distant
              locations, so it is unlikely that events like power loss, etc, will
              disrupt all of them simultaneously. They should also be connected to
              the net via quite diverse paths. This means that the failure of any
              one link, or of routing within some segment of the network (such as a
              service provider) will not make all of the servers unreachable.
              [RFC 2182]


              The faulty serial number means you are at risk in case of a zone transfer


              This is exactly why I recommend people never spend time running their own public DNS

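The two checks raised in post #7 (nameservers sharing a subnet, and SOA serials that do not line up), as an added example that is not part of the original thread. The names, addresses and serials are constructed; a shared /24 (or /48 for IPv6) is only a rough proxy for the topological diversity RFC 2182 asks for, and the serial check assumes "faulty" means the servers disagree on the serial, which the post does not spell out.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: hypothetical names, documentation address ranges,
# and made-up SOA serials. Real input would come from querying each server.
NAMESERVERS = {
    "ns1.example.com": {"ip": "192.0.2.10", "serial": 2024010102},
    "ns2.example.com": {"ip": "192.0.2.11", "serial": 2024010101},
    "ns3.example.com": {"ip": "198.51.100.53", "serial": 2024010102},
}

def network_key(ip, v4_prefix=24, v6_prefix=48):
    """Return the enclosing prefix, used as a rough proxy for 'same subnet'."""
    addr = ipaddress.ip_address(ip)
    prefix = v4_prefix if addr.version == 4 else v6_prefix
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))

def audit(nameservers):
    """Flag nameservers sharing a prefix and disagreement on the SOA serial."""
    by_net, by_serial = defaultdict(list), defaultdict(list)
    for name, info in sorted(nameservers.items()):
        by_net[network_key(info["ip"])].append(name)
        by_serial[info["serial"]].append(name)
    findings = []
    # Two or more servers behind one prefix can fail together
    # (same rack, same uplink, same provider outage).
    for net, names in sorted(by_net.items()):
        if len(names) > 1:
            findings.append(("shared-prefix", net, names))
    # Servers answering with different serials are serving different
    # versions of the zone, i.e. a transfer has not completed everywhere.
    if len(by_serial) > 1:
        findings.append(("serial-mismatch", dict(sorted(by_serial.items()))))
    # A single server gives no redundancy at all.
    if len(nameservers) < 2:
        findings.append(("too-few-servers", len(nameservers)))
    return findings

if __name__ == "__main__":
    for finding in audit(NAMESERVERS):
        print(finding)
```

Servers in different prefixes can still sit in the same datacentre or behind the same provider, so an empty result here does not prove the setup is dispersed.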

              • sandman!
                Icq: 14420613
                • Mar 2001
                • 15431

                #8
                Go use Cloudflare if you want. I have never had a DNS failure in 20+ years; I will keep doing what I’m doing. You go do what you want to do.



                Originally posted by Ferus
                NS3 first seen 2019-07-20

                You have both the primary and secondary DNS in the same subnet at the same location, and nobody running a business should run a risk like that, when it's so easy to mitigate.

                Secondary servers must be placed at both topologically and
                geographically dispersed locations on the Internet, to minimise the
                likelihood of a single failure disabling all of them.

                That is, secondary servers should be at geographically distant
                locations, so it is unlikely that events like power loss, etc, will
                disrupt all of them simultaneously. They should also be connected to
                the net via quite diverse paths. This means that the failure of any
                one link, or of routing within some segment of the network (such as a
                service provider) will not make all of the servers unreachable.
                [RFC 2182]


                The faulty serial number means you are at risk in case of a zone transfer


                This is exactly why I recommend people never spend time running their own public DNS

                • Ferus
                  Bye - Left to do stuff
                  • Feb 2013
                  • 4108

                  #9
                  Originally posted by sandman!
                  Go use Cloudflare if you want. I have never had a DNS failure in 20+ years; I will keep doing what I’m doing. You go do what you want to do.
                  You are absolutely free to do as you want

                  It's just important that people listening to you understand that today's requirements for running a secure setup are immensely different from what they were 20 years ago.
                  It's not just stuff I make up to fit my argument - it's industry standards (RFCs) mentioned that you should consider applying for a more secure infrastructure.
                  "I haven't had a problem in 20 years" is not a valid business argument

                  Even your own IaaS provider (WebNX) has a proper setup for it.


                  • wankawonk
                    Confirmed User
                    • Aug 2015
                    • 1018

                    #10
                    Originally posted by sandman!
                    Unless you're expecting to get a DDoS attack there is no reason not to run your own DNS.

                    This is assuming you are not using DNS for geo load balancing and other shit.

                    Assuming you're running a single server/VM with some sites on it, there's no reason not to run your own; people ran their own DNS for years before Cloudflare existed.
                    The reason not to run your own DNS is that it's dirt fucking cheap to pay someone else to do it for you and their business is to be reliable at it. Keeping a website up 24/7 is hard enough already -- anything you can reliably outsource should be outsourced.


                    • redwhiteandblue
                      Bollocks
                      • Jun 2007
                      • 2793

                      #11
                      You don't even have to pay for DNS -

                      https://freedns.afraid.org/