tekiegreg Posted November 25, 2016 Report Share Posted November 25, 2016 So I've got a VPS setup through Hawkhost, that amongst other things rolls its own DNS. All seems good but many have told me I really should find another server for DNS, security and reliability reasons. Makes sense. Of course that just costs more money, at least for a good provider. Thoughts? Is it really a best practice now? Would HawkHost help at all (maybe open up HawkHost DNS servers and allow me to place a zone file on HawkHost's own DNS)? Just curious... Quote Link to comment Share on other sites More sharing options...
Brian Posted November 27, 2016 Report Share Posted November 27, 2016 There is definitely merit to using third party DNS and offloading that part of your infrastructure to a provider that specializes in DNS management. In addition to the improved control/features DNS providers have *massive* networks in place, in terms of both overall throughput/capacity and hardware based filtering, so they can mitigate most attacks sent towards your site(s). If you look at the recent attacks directed at Dyn they only struggled once the attack hit upwards of 620 Gbps (which it goes without saying is just stupidly big...). The fact that they were able to stay online up until that point should give you an idea of what a specialized DNS provider can offer you in terms of protection. If you lookup the DNS/nameservers of a lot of company websites you'll notice more times than not they're using third party DNS. The trend really becomes obvious the more you poke around / once you're aware of it. 5-10 years ago doing everything in house (email, DNS, etc) was the accepted standard but as specialized companies started popping up (and also became affordable for most organizations) everything shifted back to paying someone else to manage certain aspects of your infrastructure. Quote Would HawkHost help at all (maybe open up HawkHost DNS servers and allow me to place a zone file on HawkHost's own DNS)? This isn't something we'd want to do to be quite honest with you. Even if we had the infrastructure in place it would be very ill-advised of us to mix customer properties/sites with our internal infrastructure. Imagine the nightmare scenario of you being attacked and being unable to reach us because we're down for the same reason. That's a scenario where nobody comes out ahead. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.