Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Best LightWeight DNS Server
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Best LightWeight DNS Server

clarity_64clarity_64 Member
edited January 2012 in General

At this time, I am using PowerDNS with PowerAdmin, but it is heavier on resources than I would like. What is the best lightweight solution for this? Can I get my zones out of PowerAdmin? I am familiar with Bind Zone files, and I would like for the zone files to be similar.

Comments

  • dmmcintyre3dmmcintyre3 Member

    NSD uses BIND's zone files and uses very little RAM. I have NSD, unrealircd, znc, anope and pptpd running VPS which uses ~25mb ram.

  • NarutoNaruto Member

    You could use Cloudflare and if you don't like the protection it comes with, disable it.

  • andrewandrew Member

    Yes, I recommend NSD too.

  • titanicsaledtitanicsaled Member

    +1 for cloudflare.

    A great free dns service even if you don't want use their webiste protection/acceleration

  • globerglober Member

    +1 for NSD

  • clarity_64clarity_64 Member
    edited January 2012

    Can someone tell me how to generate a hmac-md5 secret? I can't get it to transfer the zone to the slave.

    Here is the error code that I am getting:

    Jan 24 09:09:52 ns2 nsd[31772]: xfrd: zone example.com received error code REFUSED from 1.1.1.1

    The master is throwing this error:

    Jan 24 09:09:50 ns1 nsd[20313]: query tsig unknown key/algorithm
Jan 24 09:10:01 ns1 last message repeated 5 times
Jan 24 09:11:33 ns1 last message repeated 6 times
  • dannixdannix Member 
    aptitude install ldnsutils
ldns-keygen -a hmac-md5 -b 160 -k yourdomain
  • clarity_64clarity_64 Member
    edited January 2012

    How do I use that output?

    ldns-keygen -a hmac-md5.sig-alg.reg.int -b 160 -k example.com

    Gives:

    Kexample.com.+157+54305

    Do I just paste that as the secret?

    Edit: I googled, and I think is a little more complicated that I had thought. I am just going to use NOKEY for now. I am just wanting to create a something like this.

    key:
                    name: "sec_key"
                    algorithm: hmac-md5
                    secret: "Secretgoeshere"
  • AmfyAmfy Member

    I used TinyDNS, a really simple and lightweight dns server. I used a own openvz-container for it and it only needed about 8mb RAM!
    Configuring is relative simple, installation is not total easy but it is possible

  • TheHackBoxTheHackBox Member

    I use PowerDNS as its very stable and it uses BIND zone files. If you really wanted it to, it can use MYSQL also :P

  • dannixdannix Member

    Check the content of the *.private file you've got, there is a Key inside.

    Then in the nsd.conf you just need to make an entry like this:

    key:
   name: somekeyname
   algorithm: hmac-md5
   secret: "HereYouCopyTheContentOfTheKey"

# and then in your zone:
   name: example.com
   zonefile: example.com.zone
# on master
   notify: IP2 "somekeyname"
   provide-xfr: IP2 "somekeyname" 

# on slave
   allow-notify: IP1 "somekeyname"
   request-xfr: IP2 "somekeyname"
  • ksx4systemksx4system Member

    MaraDNS of course :-) but not old 1.x releases, only 2.x makes sense.

  • drmikedrmike Member

    @ksx4system said: MaraDNS of course :-) but not old 1.x releases, only 2.x makes sense.

    Why?

Sign In or Register to comment.