On Thu, Feb 07, 2019 at 11:16:45AM +0100, Aham Brahmasmi wrote: > > > > [1]: https://blog.sigterm.se/posts/to-the-cloud-dns-edition/ > > Tack så mycket Patrik for that informative blog post. Could I request > you to please help me with my queries: >
Since the question was posted to the list I'll include the list in this initial response, but any further discussion I will gladly take offlist to not disturb the work of the porters. > 1) Since the capability to run OpenBSD virtual machines is now present > in the base, would you still suggest running authoritative DNS in > "cloud" vs on VMs in on-premise/rented baremetal OpenBSD machines? I > ask this because I have trouble relying on cloud, and as I have learnt, > "free" in cloud usually translates to "you do not know how you pay". My reasons for running "in the cloud" are not based on a former lack of virtualization support in OpenBSD. More than anything else it is based on trying new things for fun, cost and the maintenance required to support your own infrastructure. Would you be better served by running your own infrastructure on bare metal? I can't really tell you that, as with so many other things "it depends". I agree there are trust issues involved with free services, so again, it depends on your needs. Sorry i don't have a more concrete answer :). > 2) Could you please elaborate on the custom built DNS server daemon? I > find that very interesting, especially when combined with OpenDNSSEC. > It is a minimal service written in go, there is some code here: https://github.com/eest/cds For production work I would probably not start out with building my own ServeMux implementation but rather use the default one. I did so here for the learning experience. The responses from that service are not signed at this point, so there is no correlation with OpenDNSSEC. -- Patrik Lundin
