Brussels / 4 & 5 February 2023


Hosting your own DNS for 'fun' and zero profit

Sometimes, you can't find a service provider that meets all of your requirements, and you know that there is open source software which can meet them, but you'll have to take on the task of deploying and maintaining it yourself. This talk is about my journey to provide a fully-featured DNS service for my personal domains, using PowerDNS Authoritative Server, at very low cost and without subscribing to any 'big tech' services where I would be the product and not the customer!

In my case, fully-featured includes DNSSEC with online signing, DNS UPDATE (RFC 2136) support (primarily used for ACME DNS-01 challenges for Let's Encrypt certificates), SVCB/HTTPS records, and more. The talk will also cover the way that I use Ansible to manage zones and their content in the authoritative servers, using Ansible modules I created and published. As a bonus, I'll also talk about how I manage recursive resolvers on my LANs with the ability to resolve names from my own domains even if Internet connectivity is lost, and with nearly immediate updates when the zone contents are changed.


Photo of Kevin P. Fleming Kevin P. Fleming