Migrated all my zones to from coredns to knot. Knot just makes it so much easier to use dnssec.

· · Web · 1 · 0 · 0


Never heard of CoreDNS?
But have you tried PowerDNS? DNSSEC with pdns is extremely easy too :)

@selea I've looked at powerdns before but found the docs a bit confusing. Never tried it though.
I mainly decided to go with knot because I don't really use the different storage backends powerdns provides.


Yeah I thought it was confusing at first too, but I later found it really great :)
So I use it for my 3 authorize DNS servers now :)


Do you expose the API to the internet (with some sort of authentication of course)? I have a PoC setup but since I use LE through DNS I noticed that this will become a problem :/

And also do you handle an anycast/latency situation? (I'm in my PoC I simply decided to go for long TTLs but that only solves the second resolution)



I did not expose the API to the internet actually, but I use a software that administrate the zones directly via the database.

The servers I have is not anycasted, I did not find the need for it in my case.


Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!