nanog mailing list archives

Re: Recommended DNS server for a medium 20-30k users isp

From: Robert L Mathews via NANOG <nanog () lists nanog org>
Date: Fri, 8 Aug 2025 09:12:06 -0700

On Aug 7, 2025, at 9:41 PM, John Todd via NANOG <nanog () lists nanog org> wrote:

we split traffic on the "back-end" between PowerDNS recursor and Unbound



Using multiple products is definitely best practice. At my company, we have half of our (anycasted) authoritative DNS 
servers using BIND, and the other half using PowerDNS.

If you don't do this, you can be vulnerable to something like CVE-2025-40775, where an attacker can terminate all your 
DNS servers simultaneously by sending each a malicious packet. Or maybe there's some other bug in the software that 
makes it randomly crash at a certain time. If this happens, you want to make sure that only half of them go offline.

-- 
Robert L Mathews

_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/6IXHN4JQQ6QVHT5DSTCQTTLZN3V7PUOC/

Current thread:

Re: Recommended DNS server for a medium 20-30k users isp, (continued)
- Re: Recommended DNS server for a medium 20-30k users isp Rusty Dekema via NANOG (Aug 07)
  - Re: Recommended DNS server for a medium 20-30k users isp Mel Beckman via NANOG (Aug 07)
    - Re: Recommended DNS server for a medium 20-30k users isp Uesley Correa via NANOG (Aug 07)
    - Re: Recommended DNS server for a medium 20-30k users isp Josh Luthman via NANOG (Aug 07)
    - Re: Recommended DNS server for a medium 20-30k users isp Smoot Carl-Mitchell via NANOG (Aug 07)
- Re: Recommended DNS server for a medium 20-30k users isp brent saner via NANOG (Aug 07)
  - Re: Recommended DNS server for a medium 20-30k users isp John Todd via NANOG (Aug 07)
    - Re: Recommended DNS server for a medium 20-30k users isp Crist Clark via NANOG (Aug 07)
    - Re: Recommended DNS server for a medium 20-30k users isp Mike Hammett via NANOG (Aug 08)
    - Re: Recommended DNS server for a medium 20-30k users isp brent saner via NANOG (Aug 07)
    - Re: Recommended DNS server for a medium 20-30k users isp Robert L Mathews via NANOG (Aug 08)
- Re: Recommended DNS server for a medium 20-30k users isp Marco Moock via NANOG (Aug 07)
- Re: Recommended DNS server for a medium 20-30k users isp William Herrin via NANOG (Aug 08)
  - Re: Recommended DNS server for a medium 20-30k users isp David Guo via NANOG (Aug 08)
- Re: Recommended DNS server for a medium 20-30k users isp Måns Nilsson via NANOG (Aug 08)
  - Re: Recommended DNS server for a medium 20-30k users isp Saku Ytti via NANOG (Aug 08)
    - Re: Recommended DNS server for a medium 20-30k users isp Måns Nilsson via NANOG (Aug 08)
    - Re: Recommended DNS server for a medium 20-30k users isp Nick Hilliard via NANOG (Aug 08)
    - Re: Recommended DNS server for a medium 20-30k users isp Mel Beckman via NANOG (Aug 08)
    - Re: Recommended DNS server for a medium 20-30k users isp Nick Hilliard via NANOG (Aug 08)
    - Re: Recommended DNS server for a medium 20-30k users isp Mel Beckman via NANOG (Aug 08)

(Thread continues...)