Your Linux Data Center Experts

I thought I would try and do some blogging about interesting packages that I use here that perhaps not too many people know about. Today I am going to look at the (PowerDNS) pdns packages. If you think that bind is the only DNS server out there, you might want to look into pdns. Read on for a review

When people think of DNS software for Linux at least, pretty much everyone knows and uses ISC Bind. It's been around for a really long time and thus has amazing market share, simply due to it having been the only software available for a long time.

There are now several alternatives however. The one that I have had good luck with is PowerDNS. It comes in several sub packages in Fedora. First there OS a pdns-recursor package. This is the one you want if you simply want a caching only nameserver. I use this package on my laptop so I don't need to mess with changing nameservers or have odd hangs from applications (like firefox) when moving from site to site with different DNS servers. It's simple: 'yum install pdns-recursor; chkconfig pdns-recursor on; service pdns-recursor start'. Now you can set your /etc/resolv.conf to use 'nameserver' and away you go.

If you need to serve authoritative domain information (ie, DNS information for domains that you run a authoritative server for), you can install the main 'pdns' package. Along with the main package you can select what back end you would like to use to store your DNS information. Available in Fedora are:

  • pdns-backend-geo
  • pdns-backend-ldap
  • pdns-backend-mysql
  • pdns-backend-pipe
  • pdns-backend-postgresql

Included in the pdns package is a 'zone2sql' command to convert your old bind named.conf and zone files over to pdns database entries. The main config in the /etc/pdns/pdns.conf is well commented and uses a simple directive=value scheme. You can have the pdns server run a local webserver to allow you to monitor it, and the directives will let you do most anything that can be done with a bind named.conf.

So, why use this package instead of bind?

  • Security. pdns has a pretty good security record, and bind has sure had some issues in the past
  • Security. Since so many folks use bind, it's good to use something else simply to avoid monoculture.
  • For a caching nameserver, the pdns-recursor is a small and simple application, no need to install the entire package like bind requires
  • Choice of backends. If you have a lot of DNS data a database backend would be most useful
  • Extra features like monitoring, geo look up (return result based on the geo location)
  • Simpler config file syntax. How many of us out there have missed a }; in a bind config file?
  • Written from the ground up instead of added to over the years

It's pretty easy to start out using pdns-recursor in places where you don't need a full DNS server. Hopefully this has let some folks know about pdns. It's really quite a nice little package. Take a look today.

comments powered by Disqus

Join our other satisfied clients. Contact us today.