New DNS setup getting productive
For nearly two years, I have been pondering a good and failure-resilient DNS setup to implement for my own domains. In the last few days, I have put the first prototype into use.
No, I haven't dared to touch zugschlus.de, my most important domain, yet. This is planned for the weekend. So, if you experience difficulties in accessing any of my Internet services, please inform me and allow me to fix the issue.
However, zugschl.us, marc-haber.de and a number of less important test domains have already been moved to the new, svn-driven scheme, and delegation has been changed to the new DNS servers, dns1.nosuid.net, dns2.notwork.de and dns3.mxonly.de. q.bofh.de, my old main DNS server, continues to run as a slave for a transition period, and it continues to feed the slave servers run by various commercial and non-commercial entities that have kindly been serving the zones over the last years.
The new servers are all run by myself. dns1 and dns2 are dedicated servers ("real" machines that both have other duties as well) at two different ISPs/hosters in different parts of Germany, while dns3 is a vServer located in the US (which only does DNS due to its rather severely limited amount of memory). The three domains the servers are located in are in two different top-level domains, are registered through two different registrars and are not used for anything besides DNS (and providing the host name for ivanova.notwork.de, one of the DNS servers and the machine hosting this blog).
The two .de domains mxonly.de and notwork.de are MX only domains, which means that they are not delegated outside of the .de zone; instead, their resource records are written directly to the .de TLD zone. This reduces the chance of the domains becoming unavailable due to failures in the delegated servers (because there are none), and we depend on .de being available anyway. A downside of MX only domains is that the number of registrars that support them through their automated systems is rather limited.
The .net zone is served by the registrar's name servers, since .de is the only TLD I know of that has reasonable prices and offers MX only domains. One can argue that the .net zone is a weak point here, but I suspect that I'm reasonably safe with the MX only .de domains, so the .net domain is only a paranoid safety catch anyway.
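The redundancy argument above can be checked mechanically. The following is an added example, not part of the original post: it models what each name server needs in order to be reachable and lists the smallest sets of failures that leave no server available. The dependency labels (`registrar-ns`, `hoster:de-1` and so on) are placeholders, and the model is a simplification that ignores caching and glue records.

```python
from itertools import combinations

# What each name server depends on, modelled from the description in the post.
# The two .de domains have their records directly in the .de zone, so their
# names depend on .de only; the .net domain is served by the registrar's name
# servers. All labels are placeholders, not real hosts or companies.
NS_DEPENDENCIES = {
    "dns1.nosuid.net": {"tld:net", "registrar-ns", "hoster:de-1"},
    "dns2.notwork.de": {"tld:de", "hoster:de-2"},
    "dns3.mxonly.de": {"tld:de", "hoster:us"},
}


def reachable(ns_deps, failed):
    """Return the name servers that still work when `failed` is down."""
    return sorted(ns for ns, deps in ns_deps.items() if not deps & failed)


def fatal_failures(ns_deps, max_size=3):
    """Return the smallest failure sets that leave no name server reachable."""
    all_deps = sorted(set().union(*ns_deps.values()))
    for size in range(1, max_size + 1):
        hits = [set(combo) for combo in combinations(all_deps, size)
                if not reachable(ns_deps, set(combo))]
        if hits:
            return hits  # stop at the smallest size that is fatal
    return []


if __name__ == "__main__":
    print("all three servers:")
    for failure in fatal_failures(NS_DEPENDENCIES):
        print("  fatal:", sorted(failure))

    # Same analysis without the .net name, to show what it contributes.
    de_only = {ns: deps for ns, deps in NS_DEPENDENCIES.items()
               if ns.endswith(".de")}
    print("only the .de names:")
    for failure in fatal_failures(de_only):
        print("  fatal:", sorted(failure))
```

With all three servers, no single failure is fatal; with only the two .de names, an outage of .de alone is, which is the case the .net name covers for zones outside .de.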