Silly question: Hosting your own DNS?
-
I know there's a server similar to PFsense but for a DNS server rather than a router.
Say I were to set up my own DNS server
-
How difficult would it be?
-
Would there be any benefits (in terms of speed/latency) vs using the ISP's DNS?
Interested because i'm finding that page lookups are slow on my connection. I can get 60mbit sustained but every page load it just kind of sits there while it figures out what to load.
I assume this is because my ISP's DNS is slow.
-
-
- How difficult would it be?
How good are you with *nix? What do you know about DNS? Your question is impossible to answer.
- Would there be any benefits (in terms of speed/latency) vs using the ISP's DNS?
Perhaps, but not worth the effort.
Is there some reason you're not using Google DNS or Level3 DNS or some other 3rd party DNS? Is your ISP blocking the use of external DNS? If you think your ISP DNS sucks, don't use it.
Basically, you run your own DNS server if you want to be the authoritative source for your own domain. Otherwise, you're just running a forwarder and it won't speed anything up that much at all.
-
With pfSense 2.2.2 you can use the DNS Resolver to bypass ISP DNS altogether and go directly to the root and site authoritative DNS. Cut out the DNS middle man.
But that aside. What have you done to determine DNS is the cause of your browsing page load slowness.
HttpWatch is a very nice tool that breaks down page loading in a water fall. Including DNS lookup time.
https://HttpWatch.com/
Basic Edition (Free) -
Pfsense can do forwarder mode or resolver mode.. Understanding the difference should be one of the first things you should research if your wanting to understand and possible run your own dns.
As KOM mentions normally you would not setup dns unless you want to be authoritative for your own domain. And to be honest this is not something you should even think about unless your up to speed on all things dns. And one of the first things you will prob find is that once you know about dns you would have not reason to host your own ;) There are plenty of places for very small fee or even free to host your dns. How many domains do you own? How many changes to your records would you need to do?
Rarely makes sense to run your own.
If you talking using a resolver vs a forwarder - pfsense can do that with uncheck of the forwarder checkbox in the resolver. Normally a resolver is not going to speed up your dns queries since you would be going to the authoritative servers for what you look up vs just grabbing it from a name server that has it cached already with 1000's if not 100's of thousands of users using it. Your isp dns for example - if your unhappy with them then there are many other you can point to level3 has a public nameserver you can use for example at 4.2.2.2
There are many others you should be able to find in your geographic area.
How are you actually setup now? Are you pointing to pfsense - is it forwarding or resolving? Do you have your clients pointing directly to your isp dns? vs using something local like pfsense.
If you want to setup a caching forwarder/resolver you can setup bind or unbound on any box you want nix or windows based..
I have 2 nameservers running bind that serve a domain to the public (lowend vps in different parts of the world) - only reason I did this is to play with dnssec because finding support this bit of a pain. Not sure why these registrars get away without supporting it. Pretty sure ICANN made it a requirement to be accredited a few years back. But this is play domain that serves up nothing just so I could play with dnssec.. But my domains that are open to the public that serve a real purpose are just hosted either by the webhost dns or registrars free dns, etc.
-
As dok mentions…
Pardon??? ;D
-
hehehe - my BAD.. Just so use to those kind of comments coming from dok ;)
"How good are you with *nix? What do you know about DNS? Your question is impossible to answer."
Will edit ;)
-
Just so use to those kind of comments coming from dok ;)
When I read it back, I could see it then :D When I read his replies in my head, I tend to use a stilted haughty German accent. I have no idea if he's German, but he should be.
-
heheehe – damn it, now that you say that I can tell I will be reading them in a German accent now ;) I work with a lot of Germans and do quite a bit of drinking with them after work, etc. So yeah its real easy to read in that sort of accent..
It was mostly the your question is impossible to answer that reminded me of a reply from dok.. Now it will be
"Hov kood are you vith *nix? Vat do you knov about DNS? Your gueszion is imbozible to ansver."
-
