Recommendations to replace AWS DNS?
from pinball_wizard@lemmy.zip to selfhosted@lemmy.world on 15 Dec 00:22
https://lemmy.zip/post/55017093
from pinball_wizard@lemmy.zip to selfhosted@lemmy.world on 15 Dec 00:22
https://lemmy.zip/post/55017093
I’ve been de-googling, de-microsofting, and de-Amazoning my life.
One thing I still use for self hosting is AWS Route 53 for Domain Name Services (DNS).
I don’t feel ready to self-host DNS.
Do you all have recommendations for reliable and ethical DNS hosting providers?
Or is self hosting some DNS records less of a big deal than I’m imagining?
Advice on either would be welcome. Thank you!
threaded - newest
Just my opinion and experience. Setup a couple of cheap VPS instances, and setup recognition, one primary, one secondary.
What do you mean by “recognition”?
It’s probably a typo for replication
Yes, mistyped “replication” and got autocorrected to “recognition”. Sorry, didn’t notice at the time.
No worries. But you’re talking about zone transfers?
There are plenty of good options out there! Many use Cloudflare, though they are another giant. I’ve been happy with dsec and freedns, and would recommend both.
Ive used freedns for over a decade; it’s simple and straightforward. Their free tier is plentiful, and their subscription costs are reasonable.
I recently moved my self-hosted services to dsec so I could better automate SSL certs. It’s been nice and easy too!
Thank you!
I’ve been using desec for a couple years as well. Great service and features considering its free.
I use cloudflare mostly because I buy my domains through them as they offer at cost domain names for many TLDs. Internally I use PiHole and then just point what I need externally to cloudflare trough a reverse proxy and a DMZ box.
I use cloudflare also but I suspect that OP will find them unfavourable because they’re just another giant. I’d like to de-cloudflare myself.
Yes. I’m inclined to avoid Cloudflare, if I’m able, for now.
Cloudflare feels like they’re doing the same kind of “were too big and cool to pay our staff or think about uptime” that I’ve been suffering from under AWS, recently.
.
.
I think OP wants somewhere to configure a DNS zone, not just a DNS server to query.
Got it wrong! Sorry
Haha. Yes, I’m looking for a DNS service, at the moment. Thanks anyway!
I have some options: AdGuard (Cypress), ControlD (Austria), Mullvad (Sweeden), and Quad9 (Switzerland) come to mind.
Thank you!
Those are not authoritative DNS providers where you can publish records…
All of them, as far as I’m aware, are no-log. That’s why I made those recommendations.
@pinball_wizard It'll cause much intake of breath through teeth, but #Cloudflare #DNS might be worth a look.
Possibly easier if you plan to use their tunnels or email forwarding later (more intake of breath heard).
Made me laugh, thanks.
I forgot CloudFlare does DNS, thank you.
I do think I’ll start with something smaller and more independent, for now. If only because I feel like I have been intermittentlt cursing their outages for the last couple of months.
Desec.io is a solid option - it allows for various types of records like TLSA and SRV. It can also generate scoped API tokens e.g. for “only TXT records of the
_acme-challengesubdomain of example.com” to use in automated cert renewals, so pretty good for granularity. It’s also a nonprofit.I think selfhosting DNS is beneficial when you wanna control your own DNSSEC keys, but you’d need to account for high availability and safety. With that, you could do what’s called a “hidden primary + public secondary” setup to protect your master DNS data from the public prying. You can even use 3rd-party services like ns-global.zone as your secondaries for redundancy and to reduce load on your infra, too. I recommend Technitium and their guidance if you wanna get started
If your looking for a great DNS provider, OVH is rock solid. They also register domains, I have all my domains and zones with them.
Also a dedi and a VPS, also they have an API for DNS updates that can be used to get certificates for internal domains
Just chiming in with my suggestion - if the company’s location also benefits you:
Mythic Beasts
A private UK company which also hosts VPS in US and NL
I’ve moved my domain here and used their DNS API to remove the need to pay for a couple of DynDNS companys.
0 downtime over… dunno… 5 years?
It’s refreshing to actually see truth in advertising:
Take a look at Bunny ( bunny.net/dns/ ), they’re based in Europe with worldwide coverage, and have a lot of other useful services as well.
servfail.network
I have used CloudDNS with success in the past.