Follow

Migrated all my zones to from coredns to knot. Knot just makes it so much easier to use dnssec.

@bn4t

Never heard of CoreDNS?
But have you tried PowerDNS? DNSSEC with pdns is extremely easy too :)

@selea I've looked at powerdns before but found the docs a bit confusing. Never tried it though.
I mainly decided to go with knot because I don't really use the different storage backends powerdns provides.

@bn4t

Yeah I thought it was confusing at first too, but I later found it really great :)
So I use it for my 3 authorize DNS servers now :)

@selea

Do you expose the API to the internet (with some sort of authentication of course)? I have a PoC setup but since I use LE through DNS I noticed that this will become a problem :/

And also do you handle an anycast/latency situation? (I'm in my PoC I simply decided to go for long TTLs but that only solves the second resolution)

@bn4t

@sheogorath

I did not expose the API to the internet actually, but I use a software that administrate the zones directly via the database.

The servers I have is not anycasted, I did not find the need for it in my case.

@bn4t

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!