I also run my own DNS server, but I prefer to maintain just the master. I pay ~$15/yr to outsource the slaves to a third party company who specializes in such things, and I don’t have to worry as much if my VPS provider decides to go down for a few hours, etc. I get a more reliable DNS system, and I still get to maintain control, graph statistics, etc, to my heart’s content.
Glad to see the discipline of self-hosting isn’t completely going the way of the dodo in this day and age!
Any recommendation for a good third part company for such outsourcing?
I also run my own DNS. The main reason is that I run my own mail using https://mailinabox.email/, which has been a reasonably simple and pain-free experience. Paying someone to get better stability could be interesting.
I have added nameservers from BuddyNS to my secondary DNS. For the moment I’m just using their free plan since I’ve delegated to only one nameservers out of the 3 which are serving my zones, and the query count is low enough to keep me on the free plan.
I loved BuddyNS but I went over their query limit and the only payment they accept is PayPal and I boycott PayPal after they stole $900 from me… I wish they would take other forms of payment
I asked for some recommendations online. My biggest requirements were a ‘slave only’ offering, DNSSEC/IPv6 support, and ‘not Dyn’ (I just can’t give Oracle money these days). With all that in mind, I ended up choosing dnsmadesimple.com (edit: looks like they’re $30/yr, not $15 as above. Mea culpa) It was seriously easy to get everything set up (less than 20 minutes!) and now I don’t have to worry about what happens when my master goes down.
Do you mean dnsmadeeasy.com or do you mean dnsimple.com?
dnsmadesimple.com doesn’t exist
My deepest apologies, this is what I get for Internetting when I’m about four cups of coffee short.
dnsmadeasy.com is the correct one.
Hello everyone! This is my first post. :)
I’m Vitalie from LuaDNS. We don’t offer slaves right now (only AXFR transfers), but if you don’t mind to fiddle with git, you can add your Bind files to a git repository and push them to us via GitHub/Bitbucket/YourRepo. You can keep using your DNS servers for redundancy as slaves.
You get backups via git and free Anycast DNS for 3 zones. :)
Interesting - that’s not a bad idea.
If I were a corp I wouldn’t want this method, but for the single user, the investment has been well worth the pay-off - even if I decide to go with a vendor in future, I’ll understand what I’m paying for.
I really dislike pairing, it takes away all the fun in programming and replaces it with a theatrical show.
Programming for me is 95% thinking (when writing and debugging) and 5% typing. My train of thought is orders of magnitude faster than my speech, so when pairing I get bored after 30 minutes and my productivity falls down.
The ordinary domain owners amongst us would probably like a registrar that used real 2FA (i.e. no SMS tokens masquerading as 2FA) and had a phone tree that couldn’t be trivially socially engineered.
Anyone have any recommendations?
I use NameSilo. They have 2FA (with TOTP) and an additional Domain Defender option that notifies you of changes.
NameSilo certainly makes it very difficult to transfer a domain out to another registrar.
If you use their domain privacy service you’ll never get the emails of the other registrar, they only allow you to cancel the outgoing transfer and not to expedite it, and finally once you pass all the hurdles the actual transfer takes 7-8 days instead of the standard 5.
I was with them for all of my domains, but after that recent transfer experience I’ll move everything elsewhere, regardless of how painful they try to make it.
Hover has TOTP.
I use Hover. I switched to them about a year or so ago, specifically because they had TOPT/2FA, and my previous registrar did not. Hover is pretty ok so far.
I’ve been using NameCheap for a while for all of my domain names, and they just started using a custom phone app to do their 2FA instead of only SMS. Never tried to check the security of their phone tree though.