On 12/13/22 13:11, Tom Horsley wrote:
> On Wed, 14 Dec 2022 07:16:43 +1030
> Tim via users wrote:
>> I have a server PC running 24/7, so I use it instead.
> Me too. I used to use bind, but it became impossible to configure when
> they started enforcing DNS encryption, switched to dnsmasq and wondered
> why I ever bothered to fool with bind :-). Dnsmasq gets names
> out of the /etc/hosts file and I configure a fixed IP in my router's
> dhcp for every device on the network so the fixed /etc/hosts entries
> will always be correct.

knot is a great nameserver that uses bind format zone files. Much smaller
than bind and doesn't require encryption. Changes to the conf file
require a systemctl restart; changes to the zone files require a
systemctl reload. Other than that it just runs and runs and ...
Only caveat: the SOA record must be on a single line. That is a tricky
one to debug.
They also offer a resolver: kresd.
I stack them. dnsmasq points to kresd and kresd points to knot. Rock
solid.