Nameserver Selection - Bind, PowerDNS or NSD

[celiac101]

I am hoping to speed up my server. I am currently hosting my DNS and using Bind. It took me quite a while to correctly tweak all the DNS/Zone files so that I have no errors. I have a couple of questions:

1) If I switch from Bind to PowerDNS or NSD will it create new zone files, or somehow alter my current ones? My hope is that it will use the exiting ones, but I really have no idea what switching away from Bind would change.

2) As long as I have a resolver set up it looks like I can use PowerDNS or NSD, is one considered better for performance than the other?

3) Any other things I need to consider before switching?

 

[cPanelMichael]

Hello @celiac101,

1) If I switch from Bind to PowerDNS or NSD will it create new zone files, or somehow alter my current ones? My hope is that it will use the exiting ones, but I really have no idea what switching away from Bind would change.

Your existing DNS zones will remain in-tact and active upon switching to a different name server. No manual steps or changes are required.

2) As long as I have a resolver set up it looks like I can use PowerDNS or NSD, is one considered better for performance than the other?

You'd want to use external resolvers (e.g. a resolver from your data center or a public resolver such as 8.8.8.8) in your /etc/resolv.conf file if you switch to PowerDNS or NSD. Performance can vary depending on the amount of domains you host and your server's hardware. You could always try out both to see which one performs better on your server.

3) Any other things I need to consider before switching?

I recommend PowerDNS over NSD due to the built in support for DNSSEC that comes with PowerDNS.

Thank you.

 

[celiac101]

Are there mandatory settings in pdns.conf that I need to change? It looks like the default file.

Also, the service seems to be running, but when I restart the DNS server now I see this:

Waiting for “pdns” to restart ………waiting for “pdns” to initialize ………finished.

Service Status
pdns (/usr/sbin/pdns_server --daemon) is running as named with PID 26129 (systemd+/proc check method).

Startup Log
Nov 07 10:31:32 server1.domain.com pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 07 10:31:32 server1.domain.com pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 07 10:31:32 server1.domain.com pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 07 10:31:32 server1.domain.com pdns[26129]: Unable to reuse port, falling back to original bind
Nov 07 10:31:32 server1.domain.com pdns[26129]: Unable to reuse port, falling back to original bind
Nov 07 10:31:32 server1.domain.com pdns[26129]: Unable to reuse port, falling back to original bind
Nov 07 10:31:32 server1.domain.com pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 07 10:31:32 server1.domain.com pdns[26129]: Unable to reuse port, falling back to original bind
Nov 07 10:31:32 server1.domain.com pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 07 10:31:32 server1.domain.com pdns[26129]: Unable to reuse port, falling back to original bind

Log Messages
Nov 7 10:31:32 server1 pdns[26129]: Unable to reuse port, falling back to original bind
Nov 7 10:31:32 server1 pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 7 10:31:32 server1 pdns[26129]: Unable to reuse port, falling back to original bind
Nov 7 10:31:32 server1 pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied
Nov 7 10:31:32 server1 pdns[26129]: Unable to reuse port, falling back to original bind

 

[cPanelMichael]

Hello @celiac101,

There's no requirement to modify the default PDNS configuration settings.

Nov 7 10:31:32 server1 pdns[26129]: Unable to reuse port, falling back to original bind
Nov 7 10:31:32 server1 pdns[26129]: binding UDP socket to '0.0.0.0:53': Permission denied

This suggests another service is already running on port 53, and I've been unable to reproduce this error when switching to PowerDNS on a test system. Can you verify if this is still happening? If so, can you post the output from the command below?

netstat -lnp | grep :53

Thank you.

 

[celiac101]

# netstat -lnp | grep :53

tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      8553/pdns_server
tcp6       0      0 :::53                   :::*                    LISTEN      8553/pdns_server
udp        0      0 0.0.0.0:53              0.0.0.0:*                           8553/pdns_server
udp6       0      0 :::53                   :::*                                8553/pdns_server

I see the errors whenever I restart the DNS Server. This link:
github.com/PowerDNS/pdns/issues/4180
pdns_server always logging "Unable to bind UDP socket..." · Issue #4180 · PowerDNS/pdns

indicates it may be normal, but I'm just not sure. It says:

"service pdns monitor starts a foregrounded pdns_server, and before that you already start a backgrounded pdns_server using systemctl start pdns. Only one instance can run at one time..."

 

[cPanelMichael]

Hello @celiac101,

While it might not cause any problems as far as functionality, I'm not able to reproduce that output when restarting PDNS on a test system. Can you open a support ticket so we can take a closer look to see why it's happening on your server? You can post the ticket number here and we'll update this thread with the outcome.

Thank you.

 

[celiac101]

After a server restart, this issue went away.

I guess the main question I still have is can I improve performance by editing the conf file for PowerDNS? I went through their site in detail and made changes to the conf as they recommended, but it actually seemed to greatly slow things down.

 

[cPanelMichael]

I guess the main question I still have is can I improve performance by editing the conf file for PowerDNS? I went through their site in detail and made changes to the conf as they recommended, but it actually seemed to greatly slow things down.

Hi @celiac101,

You are welcome to tune the configuration file, but it's a good idea to consult with a system administrator if you need help with specific performance-related tuning advice. We provide a list of companies offering system administration services at:

System Administration Services | cPanel Forums

Thank you.