To outsource or not to outsource the DNS that is the question...


tekiegreg

Recommended Posts

So I've got a VPS setup through Hawkhost, that amongst other things rolls its own DNS.  All seems good but many have told me I really should find another server for DNS, security and reliability reasons.  Makes sense.  Of course that just costs more money, at least for a good provider.

 

Thoughts?  Is it really a best practice now?  Would HawkHost help at all (maybe open up HawkHost DNS servers and allow me to place a zone file on HawkHost's own DNS)?  

 

Just curious...

Link to comment
Share on other sites

There is definitely merit to using third party DNS and offloading that part of your infrastructure to a provider that specializes in DNS management. In addition to the improved control/features DNS providers have *massive* networks in place, in terms of both overall throughput/capacity and hardware based filtering, so they can mitigate most attacks sent towards your site(s). If you look at the recent attacks directed at Dyn they only struggled once the attack hit upwards of 620 Gbps (which it goes without saying is just stupidly big...). The fact that they were able to stay online up until that point should give you an idea of what a specialized DNS provider can offer you in terms of protection.

If you lookup the DNS/nameservers of a lot of company websites you'll notice more times than not they're using third party DNS. The trend really becomes obvious the more you poke around / once you're aware of it. 5-10 years ago doing everything in house (email, DNS, etc) was the accepted standard but as specialized companies started popping up (and also became affordable for most organizations) everything shifted back to paying someone else to manage certain aspects of your infrastructure.

Quote

Would HawkHost help at all (maybe open up HawkHost DNS servers and allow me to place a zone file on HawkHost's own DNS)?

This isn't something we'd want to do to be quite honest with you. Even if we had the infrastructure in place it would be very ill-advised of us to mix customer properties/sites with our internal infrastructure. Imagine the nightmare scenario of you being attacked and being unable to reach us because we're down for the same reason. That's a scenario where nobody comes out ahead.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...