Resilient DNS Infrastructure

DSW are currently rebuilding one of their partners DNS infrastructures. After the recent ShellShock vulnerability our partner decided that after patching their servers they would also like to refresh their servers and upgrade to the latest version. They also asked DSW to provide better performance monitoring and alerting on the new environment.

This project is now underway and the new servers will be both virtual and physical, will be located in two different data centers, will be using three different Internet Service Providers and will be deployed over two domain names. This will create a DNS infrastructure with no single point of failure.

The servers will be built with Debian 7 and will run BIND 9.8. Performance Monitoring will be provided by Cacti and will be based on the current BIND 9.7 templates available that will require upgrading to fit the newer version of BIND. Statistics will be produced for the Name Servers as well as for selected individual domain names.

Leave a Reply

Your email address will not be published. Required fields are marked *