[afnog] DNS service
Phil Regnauld
regnauld at x0.dk
Mon Jul 16 14:42:58 UTC 2007
Aline Flore Jounewe [ MTNCameroon Infrastructure Planning - MTN House ] (Jounew_A) writes:
> Y'ellow
>
> I would like to run both: authoritative and caching/Recursive to serve
> customers.
It's not a good idea to mix auth. and recursive for security reasons,
but it _can_ be done if one absolutely wants to.
> Amont all what you listed here, what would you recommend and why?
My recommendation:
OS: Linux, FreeBSD, Solaris - anything will do.
Software: install NSD or BIND on the authoritative side, tinydns/dnscache
on the client/recursive side. Use 2 dedicated machines for each.
Make sure you limit recursion access to the clients which do belong
to your network.
More information about the afnog
mailing list