Re: BIND DNS Server on Windows
On Monday, February 10, 2025 4:31:46 PM CET Ondřej Surý wrote: > I am pretty much confused, unless you are using this setup for educational > purposes, it makes little sense. > > Setup like this is similar to onion - it has layers and it makes you cry, > you can add docker for extra pain or kubernetes for permanent blindness. > > It is going to be much easier to get $5/month VPS. Alternatively get (used) > RPi and host it on a local network. > > Ondrej Raspberry Pi's are really interesting little devices, that - if the budget is around 50-200 euro - could offer a really competitive value proposition. I've had 5 of them for about half a decade by now, though I gave one of them to my little sister as a birthday gift. The first question she asked, was whether it could charge her phone :) The other four have been going on and off in my networks. 2 are currently still in use as gateway devices (running WireGuard and keepalived), while one of them has been used for a satellite network. Their base price of 35 euro is incredible, but there's other costs like power supply (5V 2-3A) to consider. Also, a micro SD card for storage. One may also want to use different means to power the Pi. Personally, I got myself a bunch of 15W UPS boards and used one of the 5V boards to power the aforementioned 2 gateway devices over GPIO pins 3 and 5. This has been stable for about a year now. However, GreatScott (a German electrical engineer on YouTube) measured their outputs, and determined them to be quite electrically noisy. The Pi does not use 5V directly for anything but things like USB, the Broadcom CPU meanwhile uses 3.3V. This suggests that it is stepped down further using an internal power supply, where additional filtering would be expected. I'm not too concerned about it, and the benefits outweigh the costs. He was also heavily invested in fixing similar problems in his powerbanks at the time, so the verdict may have been biased. Lots of switching power supplies are noisy like that. https://www.youtube.com/watch?v=6bicunweBAQ[1] Problem is, 1GB of memory in my 3B's is hardly sufficient for more than just BIND alone. For an entire network, it needed a lot more than that (DHCP, hostapd, Postfix/Dovecot, Samba, ...). The memory requirements quickly balloon back into a fraction of the 100-odd GB I need normally. In retrospect, I'd probably go for 4 or 8GB instead. Additionally, the SD cards are too slow. Newer Pi's do have PCIe exposed for an SSD though I believe, which may be a better option. But that also adds significantly to the cost. Finally, regarding the VPS's... It depends on whether this is for personal education or public production use I guess. If WinBIND was initially considered, I somehow doubt it. The way I see it, the public internet is far too risky a place to learn DNS in. Local service meanwhile can fail with hardly any repercussions. There is something to be said about an old PC, like one of the Optiplex 7040 boxes I currently have in service. They're very quiet, cheap, and can contain up to 2 SATA drives (using a molex splitter and a 3.5" caddy). Those can have their RAM upgraded to 16GB too, and have dedicated 1G networking. The total cost may well be similar to the Pi when fully fleshed out, with the remaining difference being performance, and a UPS being either more expensive, or a lot more complex (replacing the inbuilt power supply and all its voltage rails, not for the faint of heart). As with everything engineering, I suppose it's a variety of compromises. -- Met vriendelijke groet, Michael De Roover Mail: i...@nixmagic.com Web: michael.de.roover.eu.org [1] https://www.youtube.com/watch?v=6bicunweBAQ -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND DNS Server on Windows
On Monday, February 10th, 2025 at 11:16 PM, Michael De Roover wrote: > On Monday, 10 February 2025 15:12:05 CET Turritopsis Dohrnii Teo En Ming > wrote: > > > It appears to be too difficult for me to understand. > > > Not gonna lie, Hyper-V is anything but easy to work with, at least initially. > It was in response to this thread that I realized that I don't even remember > and never documented how I made that network stack work, which I find > concerning. The only thing I do remember is that it could be done in > Powershell. > > If I had to choose between Hyper-V, Virtualbox and VMware, I would say that > Virtualbox and VMware are easier to work with, while Hyper-V gives better OS > integration at the cost of complexity. Against something like QEMU meanwhile, > they all create vendor lock-in. But QEMU on Windows comes with less than > stellar performance, and there is something to be said about qcow2 being just > as locked in of a storage format as the rest. > > Whichever option you choose in the end, I wish you good luck :) > > Best regards, > Michael > I do understand that QEMU is very slow. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individuals in Singapore > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND DNS Server on Windows
On Tuesday, February 11, 2025 3:10:14 PM CET Turritopsis Dohrnii Teo En Ming wrote: > I had considered getting Raspberry Pi before. But the problem is that the > device supports only 1 network card. > > Regards, > > Mr. Turritopsis Dohrnii Teo En Ming > Targeted Individuals in Singapore There is always the option to pick something like a Banana Pi R4 (a router board) instead, but you might want to ask yourself why you need it. It's a common trope among "big server men" to want dozens of cores, terabytes of memory and petabytes of storage for dozens of ports... But on the handful of machines I do have multiple NICs on, I never use them. They don't tend to fail to the point of needing redundancy IME, and dumb switches on a UPS never really fail for me either. But for things like clustered storage, there is a case to be made for a dedicated set of lines just for that, for performance's sake. Probably not something you should concern yourself with at this point though. There is, however, something to be said about your uplink to the internet, as well as your power lines. On one of my travels, I had construction workers ram their shovels into the telephone lines (Belgium's national network situation is rather terrible). Let's just say that I was not pleased. It was eventually resolved, but raised the question about the merits of 4G failover. Generally speaking, start small and see which failures occur in your environment and why. Then progressively address them as they happen. Helps to establish rationale for what you build and why. -- Met vriendelijke groet, Michael De Roover Mail: i...@nixmagic.com Web: michael.de.roover.eu.org -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND DNS Server on Windows
On Monday, February 10th, 2025 at 11:31 PM, Ondřej Surý wrote: > I am pretty much confused, unless you are using this setup for educational > purposes, it makes little sense. > > Setup like this is similar to onion - it has layers and it makes you cry, you > can add docker for extra pain or kubernetes for permanent blindness. > > It is going to be much easier to get $5/month VPS. Alternatively get (used) > RPi and host it on a local network. > > Ondrej > -- > Ondřej Surý (He/Him) > ond...@isc.org > There are additional costs in getting a Raspberry Pi. It would be cheaper to install Linux as a virtual machine inside an existing Windows host. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individuals in Singapore > My working hours and your working hours may be different. Please do not feel > obligated to reply outside your normal working hours. > > > On 10. 2. 2025, at 15:07, Turritopsis Dohrnii Teo En Ming via bind-users > > bind-users@lists.isc.org wrote: > > > > Rather than using WSL, I think I will use Hyper-V, VMware Workstation or > > Oracle VirtualBox instead. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND DNS Server on Windows
On Tuesday, February 11th, 2025 at 9:52 PM, Michael De Roover wrote: > On Monday, February 10, 2025 4:31:46 PM CET Ondřej Surý wrote: > >> I am pretty much confused, unless you are using this setup for educational > >> purposes, it makes little sense. > >> > >> Setup like this is similar to onion - it has layers and it makes you cry, > >> you can add docker for extra pain or kubernetes for permanent blindness. > >> > >> It is going to be much easier to get $5/month VPS. Alternatively get (used) > >> RPi and host it on a local network. > >> > >> Ondrej > > Raspberry Pi's are really interesting little devices, that - if the budget is > around 50-200 euro - could offer a really competitive value proposition. I've > had 5 of them for about half a decade by now, though I gave one of them to my > little sister as a birthday gift. The first question she asked, was whether > it could charge her phone :) > > The other four have been going on and off in my networks. 2 are currently > still in use as gateway devices (running WireGuard and keepalived), while one > of them has been used for a satellite network. > > Their base price of 35 euro is incredible, but there's other costs like power > supply (5V 2-3A) to consider. Also, a micro SD card for storage. One may also > want to use different means to power the Pi. Personally, I got myself a bunch > of 15W UPS boards and used one of the 5V boards to power the aforementioned 2 > gateway devices over GPIO pins 3 and 5. This has been stable for about a year > now. > > However, GreatScott (a German electrical engineer on YouTube) measured their > outputs, and determined them to be quite electrically noisy. The Pi does not > use 5V directly for anything but things like USB, the Broadcom CPU meanwhile > uses 3.3V. This suggests that it is stepped down further using an internal > power supply, where additional filtering would be expected. I'm not too > concerned about it, and the benefits outweigh the costs. He was also heavily > invested in fixing similar problems in his powerbanks at the time, so the > verdict may have been biased. Lots of switching power supplies are noisy like > that. > > https://www.youtube.com/watch?v=6bicunweBAQ > > Problem is, 1GB of memory in my 3B's is hardly sufficient for more than just > BIND alone. For an entire network, it needed a lot more than that (DHCP, > hostapd, Postfix/Dovecot, Samba, ...). The memory requirements quickly > balloon back into a fraction of the 100-odd GB I need normally. In > retrospect, I'd probably go for 4 or 8GB instead. Additionally, the SD cards > are too slow. Newer Pi's do have PCIe exposed for an SSD though I believe, > which may be a better option. But that also adds significantly to the cost. > > Finally, regarding the VPS's... It depends on whether this is for personal > education or public production use I guess. If WinBIND was initially > considered, I somehow doubt it. The way I see it, the public internet is far > too risky a place to learn DNS in. Local service meanwhile can fail with > hardly any repercussions. > > There is something to be said about an old PC, like one of the Optiplex 7040 > boxes I currently have in service. They're very quiet, cheap, and can contain > up to 2 SATA drives (using a molex splitter and a 3.5" caddy). Those can have > their RAM upgraded to 16GB too, and have dedicated 1G networking. The total > cost may well be similar to the Pi when fully fleshed out, with the remaining > difference being performance, and a UPS being either more expensive, or a lot > more complex (replacing the inbuilt power supply and all its voltage rails, > not for the faint of heart). > > As with everything engineering, I suppose it's a variety of compromises. > > -- > > Met vriendelijke groet, > > Michael De Roover > > Mail: i...@nixmagic.com > > Web: michael.de.roover.eu.org I had considered getting Raspberry Pi before. But the problem is that the device supports only 1 network card. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individuals in Singapore-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
