The Domain Name System (DNS) is a crucial part of web technology, and it is extremely important to make sure that your DNS is working efficiently, because it is what delivers accurate and fast content to your website visitors. And isn’t speed and functionality what customers want?
To help you decide which DNS products are the best for your IT, Monitis has begun a series of new posts that identify and outline the pros and cons of major DNS providers. In our first post, we focused on hosted DNS providers, such as OpenDNS, Google Public DNS and DNS Advantage.
In this post, we’re discussing DNS software solutions.
A Bit About DNS
DNS is basically a distributed database of computers forming part of a network, enabling simplified local control of all of the database segments. As a result, DNS makes each segment available through the network in a client-server scheme. It contains mappings of DNS domain names to data. DNS is also a protocol for Transmission Control Protocol/Internet Protocol (TCP/IP) networks: it is the mechanism that queries and updates the database, and it replicates the information in the database among servers.
A DNS server converts human-readable web addresses into computer-readable numbers, known as IP addresses. Once a computer knows the IP address of a web domain name, it opens the website in the browser. The main purpose of DNS management software is to keep all DNS servers, whether remote or local, functioning manageably and efficiently. The software reduces human error in editing complex and repetitive text-based DNS server configuration files. Such files are often deployed on multiple physical servers.
Below are descriptions of several popular DNS software products. DNS software is critical for resolving (or translating into IP addresses) domain names. DNS software works integrally with DNS hardware.
MaraDNS is a fully open-source DNS server known for offering secure service. The DNS server software is written in C (no C++) and is suitable for embedded systems. The feature-rich DNS server can be configured as an authoritative server or as a caching/recursive DNS server. The lightweight MaraDNS requires a three-line configuration file to perform basic recursive caching. It is a solution for various operating systems, including Mac OS, GNU/Linux, Windows and Solaris.
The MaraDNS server offers the following benefits:
- Offers great security and is a good option for environments where security of the DNS server is a must and where the server must use the absolute minimum number of resources possible.
- It’s easy to use. Only a single three-line configuration file is required for a basic recursive configuration, while a four-line configuration file and a one-line zone file is needed for a basic authoritative configuration.
- MaraDNS’ binary is smaller than that of any other currently maintained recursive DNS server. The DNS server is well suited for embedded applications and other environments that require the minimum possible number of resources.
BIND stands for Berkeley Internet Name Domain, and it is a free Domain Name System resolution software solution. In addition to being a reference implementation of the DNS protocol, it is production-grade software, suitable for use in high-volume and high-reliability applications. It makes the Internet safer through integrated Web content filtering. BIND can be downloaded free under the ISC License, a BSD-style license. Custom BIND is often used by a small business or home network.
BIND is the most widely used DNS software on the Internet. It provides a robust and stable platform which several organizations can use to build distributed computing systems in compliance with published DNS standards.
The benefits of BIND follow:
- Offers great security (DNSSEC, TSIG) and IPv6
- Features DNS protocol enhancements (IXFR, DDNS, DNS Notify, EDNS0)
- Offers multiprocessor support
- Features an improved portability architecture
PowerDNS is a free software DNS server and is available both as a hosted service and as a software solution. The DNS product is written in C++ and licensed under the GPL. It runs on most Unix derivatives and on Microsoft Windows. There are two components of PowerDNS: the Authoritative Server and the Recursor.
The two parts can be used separately or together for flawless performance. The function of the Authoritative Server is to answer questions about domains it knows about; it does not go out on the Internet to resolve queries about other domains. A recursive backend provides that functionality. Depending on requirements, this backend can be either the PowerDNS Recursor or an external one.
Check out these features of PowerDNS:
- Multiple users and admin/owner roles
- Basic reporting
- Integrated searching
- Audit history of domain/RR changes
- Growing support capacity for a variety of RR types
- Restful API for integration into other systems
- Support for TSIG for authorizing incoming and outgoing zone transfers
Pros of using PowerDNS are mentioned below:
- Easy auditing, as the PDNS source code is very small (about 10,000 lines);
- Provides a lot of statistics on its operation, which are required to determine the scalability of an installation and to spot problems.
DnsMasq is an open-source DNS service solution. It is a very lightweight DNS forwarder and DHCP server that can be easily configured. In addition to offering DNS service, it also provides DHCP to a small network.
This feature-rich DNS service is a non-recursive caching DNS server. It is a good option for a small network that requires low resource use and ease of configuration. The DNS server can serve the names of local machines which are not found in the global DNS. DnsMasq supports static and dynamic DHCP leases and BOOTP/TFTP/PXE for network booting of diskless machines.
Mentioned below are features of DnsMasq:
- Configuration behind the firewall is simple and doesn’t depend on the details of the ISP’s DNS servers;
- Clients trying to do DNS lookups, while a modem link to the Internet is down, will time out immediately;
Check out these benefits of DnsMasq:
- Dnsmasq serves names from the /etc/hosts file on the firewall machine. The names can be addressed without having to maintain /etc/hosts on each machine;
- Dnsmasq supports MX and SRV records and can be configured to return MX records for any or all local machines;
- Dnsmasq can be configured to send queries for certain domains to upstream servers that handle only those domains. That makes it easy to integrate with private DNS systems.
djbdns is a simple and open-source software kit for serving and resolving DNS data. It is secure, reliable, small and fast. The software package consists of server, client and some miscellaneous configuration tools. The DNS product is both authoritative for one or more domains, as well as a caching recursive server for DNS clients. In addition, it is an AXFR server for slave servers.
Here are some pros and cons of djbdns:
- djbdns makes code sizes smaller and more manageable. It reduces the number of lines of code that are run with privileges, and takes a more practical approach to security;
- djbdns can support the zone transfer over TCP using the axfrdns daemon;
- djbdns may allow a malicious user to spoof DNS records, resulting in a loss of integrity.
Microsoft DNS is a popular DNS service included in Microsoft Windows operating systems. The DNS service is useful on networks that require secure updates. Moreover, Microsoft DNS is the better software solution for taking advantage of Active Directory replication.
Check out these positive aspects of the Microsoft DNS software solution:
- Microsoft DNS supports dynamic registration of the SRV records that an Active Directory server or a domain controller registers during promotion. Client machines can find domain controllers in the network with the help of SRV records;
- Reduces administration overhead for load balancing on user networks;
- Microsoft supports Secure Dynamic updates. When you use Microsoft DNS, unauthorized access is denied;
- Exchange server needs internal DNS or AD DNS to locate Global Catalog servers;
- The DNS solution integrates DHCP with DNS for low-level clients to register their Host records in the Zone database.
MyDNS is a popular free DNS software solution that works very efficiently on the UNIX operating system. A unique feature of MyDNS is its design for utilizing the MySQL database for data storage.
By installing the DNS server, users can be assured of stability, security, interoperability and speed. It includes neither recursive name service nor a resolver library. Its installation is beneficial for organizations with many zones and/or resource records that need the ability to perform real-time dynamic updates on their DNS data via MySQL.
Following are benefits of MyDNS:
- The DNS server does not need to be reloaded after a change in any or all zones;
- Speed is not affected by the number of zones or the number of entries a zone has;
- As it is backed by MySQL/PostgreSQL, you can load-balance or mirror the databases.
Here are some positive features of MyDNS:
- MyDNS is very clever, and mydnsimport can be used to import zones from existing DNS servers with AXFR transfers;
- MyDNS simply reads the records from the database. It does not require a restart or reload when DNS records change or zones are created, edited or deleted.
After having looked at many different types of DNS management software, Monitis feels that OpenDNS is the best DNS service provider, as it performs well against the competition. It has almost all the features sysadmins look for, including anti-phishing protection, Web content filtering, the ability to block malicious sites, a recursive DNS server, etc. The feature-rich OpenDNS can be utilized by businesses, schools and consumers.
Microsoft DNS, BIND and Norton DNS can also be used by small to medium businesses.
BIND is the most commonly used DNS service on the Internet; it has a long history of trust among system administrators, and on Unix-like operating systems it is the de facto standard.
We at Monitis hope that this analysis of both DNS hosted solutions and software will help you determine the best solutions for your company. Don’t forget, too, that Monitis’s own DNS monitoring solution will alert you when your DNS server malfunctions: extra insurance for these excellent DNS products that we’ve described.
Monitis is a 100% Cloud-based IT monitoring platform which consolidates back-end server monitoring, application monitoring, website monitoring, and cloud monitoring in an all-in-one, central monitoring service. The platform is customizable and may be used for monitoring of all kinds of IT assets such as websites, servers, routers, switches, VoIP devices, DNS, databases, processes and IP devices.