nibb

Well-Known Member
Mar 22, 2008
319
5
68
I'm aware that cPanel supports PowerDNS now but if you enable DNSSEC it cannot be used with a cluster, and that makes it a bit pointless.

But traditionally, cPanel used BIND, and so does the cPanel DNS only product, the implementation of PowerDNS done by cPanel basically just reads the BIND flat files.
So I'm a bit confused if switching to PowerDNS should be done or not for those still running BIND or they should wait.

Is DNSSEC also coming to BIND in the future or it's going to be only for PowerDNS? If the answer is DNSSEC will be PowerDNS only, does this mean that PowerDNS will be the default option for cPanel in the future regarding DNS clustering?

I know one of the biggest things people claim about PowerDNS is scaling because they claim BIND has to be reloaded for zone changes but that is actually easy to solve by just caching or buffering changes and making one reload for all of changes once every couple of minutes instead of each change.

Also, while people love PowerDNS because they can use MySQL, that is in no way faster than flat files. Flat files for anyone that understands about computers is always faster than databases, so switching from BIND flat files to PowerDNS with a database while you gain management features, you are actually losing on performance and DNS is all about performance (the faster you resolve the queries, the better).

PowerDNS users claim you can still use flat files if you want, but that is not exactly how most people run PowerDNS (no benefits over BIND otherwise), said that, BIND is better regarding performance unless you need hundreds of thousands of records.

To resume. Should cPanel customers using BIND with clustering switch to PowerDNS or not?
 
  • Like
Reactions: bejbi

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,226
463
Hello,

There are currently no plans to offer DNSSEC with BIND. You can switch to PowerDNS for clustering if you find it performs better, but as you mentioned there's no support for DNSSEC at this time. You can find some more details about our plans for DNSSEC support in a clustering environment, and leave some feedback as a comment, on the following feature request:

DNSSEC support in Clustering

Thank you.
 

nibb

Well-Known Member
Mar 22, 2008
319
5
68
Ok. So it looks like this today?

BIND standalone = Yes

BIND clusterized = Yes

BIND DNSSEC = No, and not planned.

**********************************

PowerDNS standalone = Yes

PowerDNS clusterized = Yes

PowerDNS DNSSEC = Standalone Only Now

PowerDNS DNSSEC Clusterized = Planned in some Future

**********************************

Is this correct?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,226
463
Hello,

Yes, that's correct.

Thank you.