Hacker News new | ask | show | jobs
by donmcronald 1463 days ago
I’d like to add.. Does anyone provide low volume secondary dns for cheap? Cloudflare would be my first pick, but:

> Secondary DNS is only available to Enterprise customers. For more details on activation and pricing, contact your account team.

I recently hit the 150 host limit on Namecheap’s DynDNS and I wanted to see if I could set up a hidden primary DNS server that takes updates from something web based like nsupdate.info. It would be nice to have something like Cloudflare serving things publicly rather than exposing my self hosted bind server.

However, anything I can find is either rate limited a fair bit (Hurricane Electric - which looks nice feature wise) or doesn’t have proper TSIG support or is too expensive for what I need.

I hate having to start with the ghetto feature tier everywhere when I’m trying to learn. I wish I could just use all the features and pay for usage / scale :-(
1 comments
toast0 1463 days ago
How cheap is cheap? How low volume is low volume? You could run secondary DNS on a VPS anywhere. Won't be anycast of course, but won't be hard to make work either. I see lots of articles about fly.io's anycast platform, but I'm not affiliated and haven't tried anything, but they do have a page about UDP services (which don't work on IPv6 right now according to their documentation) and mention DNS. It looks like it takes a bit more config, but not that much.
link
donmcronald 1463 days ago
Really cheap. Lol. Maybe $50 ish per year and then I’d just tolerate exposing my bind server. Low volume is very low since most queries would be for monitoring where the DNS lookups could be done locally to the hidden primary.

Cloudflare looked super appealing because I could spin everything up in Docker containers and expose the web based part via Cloudflare Tunnel which would keep my self hosted infrastructure completely hidden.

It’s tempting to just write something that runs on Cloudflare TBH.

link
toast0 1463 days ago
At your budget, I'd run authoritative DNS on the free tier at a few clouds. If you can get one resolver in east US, west US and Europe, that'll be pretty ok.
link