• IsoKiero@sopuli.xyz
    2 years ago

    DNS is a quite well matured technology and it’s just as complex as it needs to be and not a bit more. It’s a very robust system which has been a big part of the backbone of the internet as we know it today for decades and it’s responsible for quite a large chunk of stuff working as intended globally for millions and billions of people all day every day.

    It’s not hard to learn per se (it’s something you can explain on a basic level to every layman in 15 minutes or so), it’s just a complex system and understanding complex systems isn’t always easy nor fast. Running your own DNS-server/forwarder for a /24 private subnet is a rather trivial thing to do, but doing it well requires that you understand at least some of the underlying technology.

    You really need to learn how to walk at first and build on that to run. It’s just a fundamental piece of technology and there’s no shortcuts with it due to the nature of DNS services. You can throw whatever running on a container by following step-by-step instructions and call it a day, but that alone doesn’t give you the knowledge to understand what’s going on under the hood. That’s just how the things are and should I have my way with things, that same principle should apply to everything, especially if it’s going to face the public internet.

    • The Stoned Hacker@lemmy.world
      2 years ago

      I think your assessment is pretty accurate as for me it wasn’t difficult to learn or understand, but I have a technical background and did when I was learning it. I learned how it does things and why. I think most people who encounter it just want it to work, and like a lot of tech it’s just magic to them once it starts working.

  • dustyData@lemmy.world
    2 years ago

    In the words of Dylan Beattie: “There are only two hard problems in software programming. Cache invalidation and naming things. So let’s talk about DNS…”

  • TCB13@lemmy.world
    2 years ago

    I don’t get it. DNS is easy if you actually learn it and study the thing instead of simply trying to “make it work”.

  • Shdwdrgn@mander.xyz
    2 years ago

    What’s hard? Set up a server so you can create your own local domains and see what works and what breaks. There are a number of resources out there like the bind9 documents, and plenty of examples from places like Stack Exchange. Setting up basic domain records with NS and MX records is well documented, and even subdomains are straightforward. Once you have that much working then you can try adding more informational stuff like TXT and PTR records.

    Don’t forget to update your serial every time you make an update. The format isn’t important as long as it makes sense to you, but you are limited to a maximum of 10 digits. You can do a straightforward date stamp like 20230729xx (leaving the last two digits for daily changes), you could do a unix timestamp, or you might have your own idea. However, if you go backwards in your numbering then you have to wait for the expire time to run out before other servers will pick up your new record.

    There’s a huge amount of things you can do with dns records. My own setup involves two ISP connections and a custom root zone down to signed dnssec records. I literally have everything in place to run the whole internet using free software.
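
The serial-number convention discussed in the comment above, as an added example that is not part of the thread: a small pre-deployment check that bumps a `YYYYMMDDnn` serial and flags a change secondaries would treat as going backwards. It assumes the SOA serial is an unsigned 32-bit field (RFC 1035) compared with RFC 1982 serial arithmetic; the function names and sample serials are constructed for illustration.

```python
from datetime import date

SERIAL_MOD = 2**32   # SOA serial is an unsigned 32-bit field (RFC 1035)
HALF = 2**31         # RFC 1982 comparison window


def serial_gt(a: int, b: int) -> bool:
    """True if serial a is newer than b under RFC 1982 serial arithmetic."""
    diff = (a - b) % SERIAL_MOD
    # diff == HALF is undefined in RFC 1982; treat it as "not newer".
    return 0 < diff < HALF


def next_serial(current: int, today: date) -> int:
    """Next YYYYMMDDnn serial that is strictly newer than `current`."""
    base = int(today.strftime("%Y%m%d")) * 100      # e.g. 2023072900
    # If today's stamp is not ahead (same-day edit, or nn exhausted),
    # fall back to a plain increment so the serial never goes backwards.
    candidate = base if base > current else current + 1
    if candidate >= SERIAL_MOD:
        raise ValueError("serial no longer fits in 32 bits")
    return candidate


def classify_update(old: int, new: int) -> str:
    """Describe how a secondary comparing serials would see old -> new."""
    if old % SERIAL_MOD == new % SERIAL_MOD:
        return "unchanged"      # no zone transfer is triggered
    return "ok" if serial_gt(new, old) else "backwards"


if __name__ == "__main__":
    # Constructed sample serials, not taken from any real zone.
    published = 2023072900
    print(next_serial(published, date(2023, 7, 29)))   # same-day edit
    print(classify_update(published, 2023072901))      # normal bump
    # Switching from a date stamp to a Unix-timestamp-style value is
    # numerically smaller, so it is seen as a step backwards.
    print(classify_update(published, 1690588800))
```

Running `classify_update` against the serial currently published, before reloading the zone, catches a forgotten or reversed serial while it is still a local mistake.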