by Blackthorn 4341 days ago
Please do not run your own DNS server if you do not have the knowledge or expertise to properly secure it. It is extremely irresponsible, and the article is also irresponsible for suggesting it and not having any information about rate limiting.
4 comments

Use nsd. If you just run an authoritative only service, it is easy to do correctly.
For the record, the setup shown with PowerDNS is authoritative-only too.
I run a recursing DNS server behind a firewall for my home servers -- is this risky?
If nobody can query the server from behind the firewall, you're fine. Nearly every home router runs a copy of dnsmasq as a recursive resolver for the users on the local network.
Plus your DNS servers (you are running more than one, right?) are never going to be as fast as Route 53 and their ilk. Spend the $5/m and use a real DNS host.
Do you have any suggestions/articles on where people can learn how to run a DNS safely?
Unfortunately, I do not. Even though I personally learned on one of the big boys, I'd still pay somebody else to do this who has it as their dedicated job (like Amazon or Google). It's just not worth the headache and constant monitoring.

At minimum you need conservative rate limiting and monitoring that will page you when you start sending out gobs of traffic.
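As an added example that is not from the thread or from nsd/PowerDNS, here is a toy model of the two controls the last comment asks for: response rate limiting per client prefix (the simplified RRL idea authoritative servers implement) and a per-second egress check that would page you. The log format, sample lines and thresholds are constructed assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample log (assumed format):
# "<unix_time> <client_ip> <qtype> <qname> <response_bytes>"
SAMPLE_LOG = """\
1700000000 192.168.1.10 A example.com 60
1700000000 192.168.1.10 AAAA example.com 72
1700000000 203.0.113.7 ANY example.com 3100
1700000000 203.0.113.7 ANY example.com 3100
1700000000 203.0.113.7 ANY example.com 3100
1700000000 203.0.113.7 ANY example.com 3100
1700000000 203.0.113.9 ANY example.com 3100
1700000001 203.0.113.7 ANY example.com 3100
1700000001 198.51.100.2 A www.example.com 60
"""

def parse_line(line):
    ts, client, qtype, qname, size = line.split()
    return int(ts), ip_address(client), qtype, qname, int(size)

def rrl(log_text, per_second=2, prefix_len=24):
    """Simplified response rate limiting (assumption: a model of RRL, not
    any real server's code). Identical answers (same name and type) to the
    same client /prefix_len are allowed per_second times per second; the
    rest would be dropped or truncated. Returns (answered, dropped) counters
    keyed by client prefix, so a spoofed-source flood stands out."""
    seen, answered, dropped = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        ts, client, qtype, qname, _ = parse_line(line)
        prefix = str(ip_network(f"{client}/{prefix_len}", strict=False))
        key = (ts, prefix, qname, qtype)
        seen[key] += 1
        if seen[key] > per_second:
            dropped[prefix] += 1
        else:
            answered[prefix] += 1
    return answered, dropped

def egress_alerts(log_text, max_bytes_per_second=8000):
    """Monitoring check: total response bytes per second. Seconds above the
    threshold are what should page you ('gobs of traffic' going out)."""
    bytes_per_sec = Counter()
    for line in log_text.splitlines():
        ts, _, _, _, size = parse_line(line)
        bytes_per_sec[ts] += size
    return sorted(t for t, b in bytes_per_sec.items() if b > max_bytes_per_second)
```

Feed it a real query log with the same five fields and the dropped counter shows which prefixes are being used as reflection targets, while egress_alerts gives the seconds worth paging on.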