
Ask YC: Who are you using for DNS? - rob
For those of you who aren't running your own DNS server, who are you using? Free hosting (e.g, EveryDNS, ZoneEdit, EditDNS) or paid hosting (e.g, DNS Made Easy, No-IP, EasyDNS)?
======
SwellJoe
I've never understood why one wouldn't run DNS for yourself...but I guess I
have a different perspective, being a developer of systems management software
(and BIND being one of the services that our products manage).

So, I'll use this thread to ask a question that's bugged me for a while: Why
do folks outsource such a simple and low-resource service?

~~~
jbyers
DNS is an easy service in isolation, but complex when your business demands it
remains fast and reliable. This means you'll need the following, in no
particular order:

* servers in multiple data centers and close to your end customers

* multiple backbone providers

* some idea of what to do when your first DOS attack hits

* a sysadmin who monitors all this stuff and gets paged when it fails

You might say this is overkill for a new startup, but when we can get all this
for $50/year or less -- or free from EveryDNS -- I can't imagine why we'd go
it alone.

I should note that we do run our own DNS servers (tinydns) at Wikispaces, but
we also have four EasyDNS secondaries watching our back.

~~~
SwellJoe
So, my immediate thought on reading each of these points is:

"* servers in multiple data centers and close to your end customers"

"* multiple backbone providers"

If you need both of these for DNS, then you need both of these for all of your
other services, right? Or it's pointless to have bulletproof DNS. If you don't
have multi-homed web service, an outage of your server is still going to take
you off-line, regardless of whether you have working DNS or not. Likewise
email, database, etc. I think one should have a backup hold and forward mail
server, and that should also act as your secondary DNS server. And it should
be in a different data center.

As for locality-based DNS, what name service software do you think people are
using that they can choose a DNS server close to them? That data isn't
available when the decision for which DNS server to use is selected. So,
having DNS service close to clients is roughly pointless. And, the services
that CAN be locality-aware (pretty rare and esoteric) almost universally use
DNS records to achieve it. So, DNS would be the one service that cannot
possibly benefit from being available in a bunch of different locations around
the world (except by accident).

"* some idea of what to do when your first DOS attack hits"

What to do when the first DoS hits is to try to figure out how the hell to fix
the web server or database or whatever it is that actually has trouble dealing
with the load. DNS isn't going to be the attack vector or a source of trouble.
DNS records are tiny, heavily cached all over the world (so you regular users
would be roughly immune to a DNS DoS), and very very cheap to serve. BIND
named (by no means the fastest DNS server) provides almost all of the worlds
root name service on a few dozen machines. That's billions of requests every
day. A DoS would saturate your network before it would take out BIND.

"* a sysadmin who monitors all this stuff and gets paged when it fails"

So, you don't need one of those for your web application or email or
databases?

I'm not saying having outside secondaries is a bad thing, I just don't
understand the benefits to outsourcing something so fundamental to the success
of your website--DNS can make seconds worth of difference in the response time
of your site. Why trust some random dudes with that?

So, there's nothing wrong with using them for secondary service. I just don't
know that I'd want to trust primary service to somebody else.

~~~
jbyers
I agree with nearly every point you've made here, except that you're not
considering cost. Remember that I said:

"You might say this is overkill for a new startup, but when we can get all
this for $50/year or less..."

DNS is the most straightforward and undifferentiated service you'll need to
run your site. There's little distinction between competing providers unless
you're looking for massive capacity or exotic services. I can get all of the
points I listed from EasyDNS for $20/year.

I can't think of another service, with the possible exception of email, where
the benefit/cost ratio is so high. And as long as those random dudes are in
the full time business of running DNS, I'd much rather have them do it than
someone who's not a expert and has a much longer, higher value list of things
to concern themselves with.

------
subwindow
<http://news.ycombinator.com/item?id=128119>

------
dcancel
DNSMadeEasy for all my personal domains and Neustar for our work/production
domains.

Love DNSMadeEasy been using them for a while now, no problems beyond a
confusing interface although Neustar's is much worse (interface).

------
johnnyonetine
OpenDNS (<http://www.opendns.com/>)

~~~
aonic
They are talking about DNS hosting for domains..

------
jbyers
Free: EveryDNS Paid: EasyDNS

Looked at Neustar/UltraDNS, and while they were technically appealing, the
pricing got out of hand for what we wanted.

------
cdr
A "FAYC" might be handy. This one in particular seems to come up every week.

------
prakash
Are you looking for DDoS protection?

~~~
tptacek
... and if so, why?

------
chrisbroadfoot
Slicehost

------
jasoncartwright
OpenDNS

