Domain Name System (DNS)

DNS is one of the most important services on the internet. Unfortunately, it doesn’t get enough attention.
DNS stands for “Domain Name System” and is described in RFC 1034. It is essentially a system for mapping hostnames such as www.bsws.de to IP addresses like 81.209.180.1. It is obviously impossible to manage this in a centralized database, so DNS is, slightly simplified, a worldwide distributed database. The protocol itself looks simple at first glance, but in detail it becomes pretty complicated. You have to pay close attention to authority chains, glue records and a plethora of other factors.
As you might have noticed, DNS is a fundamental service. It doesn’t matter whether mail and web servers are running if their names can’t be mapped to IP addresses. We run three authoritative DNS servers: two located here in our Hamburg data center and one offsite.
For server software, we avoid the commonly chosen BIND, which has a very bad reputation because of its security problems. We use the secure alternative “djbdns”, running on OpenBSD/sparc64, OpenBSD/amd64 and OpenBSD/i386 machines.
By the way, our hostmaster Henning Brauer wrote the heavily used documentation “Life with djbdns”, which is of course hosted here.