two NS servers on a single host

Gregory Hicks ghicks at hicks-net.net
Wed May 13 14:35:51 UTC 2009


> Date: Wed, 13 May 2009 10:29:19 -0400
> From: "Jeff Lightner" <jlightner at water.com>
> 
> It is network redundancy only insofar as the DOS attack doesn't cause
> your CPU and memory to get slammed.
> 
> If you're doing redundancy you really ought to do the whole thing by
> getting another server and putting IT on the other network.   Then you
> don't have a single point of failure (unless they're both in the same
> data center).
> 
> If you really want to do two different IPs on one host you could
> probably use views to accomplish this but that would be all within a
> single BIND setup so your theoretical DOS attack would probably cause
> both views to have issues.

There is no reason NOT to have redundancy (two hosts, two networks) no 
matter how small your network is.

Google for "free dns hosting".  You'll get back a very large number of 
hits.  Use your google-fu to limit the search parameters some.  You'll 
get back a slightly smaller, but still very large, number of hits.

Investigate to see who has better services.  Select one.  Configure and 
configure at your domain registrar.  You're back in service.

Regards,
Gregory Hicks
> 
> -----Original Message-----
> From: bind-users-bounces at lists.isc.org
> [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Bradley
> Giesbrecht
> Sent: Wednesday, May 13, 2009 10:22 AM
> To: Stephane Bortzmeyer
> Cc: bind-users at lists.isc.org
> Subject: Re: two NS servers on a single host
> 
> 
> On May 13, 2009, at 6:51 AM, Stephane Bortzmeyer wrote:
> 
> > On Wed, May 13, 2009 at 09:02:55PM +0800,
> > Tech W. <techwww at yahoo.com.cn> wrote
> > a message of 34 lines which said:
> >
> >> I want to give two NS records for my domain, each NS take each of
> >> the IP set in the host.
> >
> > Why? This would be completely useless. RFC 1034 and other documents
> > call for at least two name servers, for redundancy reasons. If the two
> > name servers are on the same host, what's the point? There would be no
> > gain in reliability.
> 
> If you have ever had the ip for your name server the target of a dos  
> attack you could have blocked traffic to that ip and still had dns.
> 
> Two networks to same host is network redundancy and has value.
> 

---------------------------------------------------------------------
Gregory Hicks                           | Principal Systems Engineer
                                        | Direct:   408.569.7928

People sleep peaceably in their beds at night only because rough men
stand ready to do violence on their behalf -- George Orwell

The price of freedom is eternal vigilance.  -- Thomas Jefferson

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton



