Skip to content

New DNS setup getting productive

For nearly two years, I have been pondering about a good and failure-resilient DNS setup to implement for my own domains. In the last days, I have set the first prototype into use.

No, I haven't dared to touch, my most important domain, yet. This is planned for the weekend. So, if you experience difficulties in accessing any of my Internet services, please inform me and allow me to fix the issue.

However,, and a number of less important test domains have already been moved to the new, svn-driven Scheme and delegation has been changed to the new DNS servers,, and, my old main DNS server, continues to run as a slave for a transition period, and it continues to feed the slave servers run by various commercial and non-commercial entities that have kindly been serving the zones in the last years.

The new servers are all run by myself. dns1 and dns2 are dedicated servers ("real" machines that both have other duties as well) located at two different ISPs/hosters located in different parts of Germany, while dns3 is a vServer located in the US (which only does DNS due to its rather severely limited amount of memory). The three domains the servers are located in are in two different top level domains, are registered through two different registrars and are not used for anything besides DNS (and providing the host name for, one of the DNS servers and the machine hosting this blog).

The two .de-Domains and are MX only domains, which means that they are not delegated outside of the .de zone but their resource records are directly written to the .de TLD zone. This reduces the chance of the domains becoming unavailable due to failures in the delegated servers (because there are none), and we depend on .de being available anyway. A downside of MX only domains is that the number of registrars that support them through their automatisms is rather limited.

The .net zone is served by the registrar's name servers since .de is the only TLD I know of that has reasonable prices and offers MX only domains. One can argument that the .net zone is a weak point here, but I suspect that I'm reasonably safe with the MX only .de domains that the .net domain is only a paranoid safety catch anyway.


No Trackbacks


Display comments as Linear | Threaded

No comments

Add Comment

Markdown format allowed
Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
Form options