Sounds cool with the Pi idea. Not sure of the cache level you need, but we have great success with FortiGates performing firewall and local DNS host even for a small remote site that is part of an MS AD via a VPN tunnel. It can be set up and managed just like a DNS server. No extra devices to learn or manage!

Nick Ellermann
~Sent from my iPhone~

On Feb 18, 2015, at 4:08 PM, Maxwell Cole <mcole.mailinglists@gmail.com> wrote:

+1 for the Pi. The new model has a quad core and 1GB of RAM, which should be more than enough for a DNS.

On 2/18/15 10:03 AM, Peter Kristolaitis wrote:

Not "industrial grade", but Raspberry Pis are pretty great for this kind of low-horsepower application. Throw 2 at each site for redundancy and you have a low-powered, physically small, cheap, dead silent, easily replaceable system for ~$150 per site. Same idea as the Soekris -- just ship out replacements instead of trying to repair -- but even cheaper.
Between having 2 (or more) at each site, plus cross-site redundancy via anycast, it would be pretty robust (and cheap enough that you could have cold-spares at each site).

On 02/18/2015 09:28 AM, Ray Van Dolson wrote:

Hopefully not too far off topic for this list.
Am looking for options to deploy DNS caching resolvers at remote locations where there may only be minimal infrastructure (FW and Cisco equipment) and limited options for installing noisier, more power-hungry servers or appliances from a vendor. Stuff like Infoblox is too expensive.
We're BIND-based and leaning to stick that way, but open to other options if they present themselves.
Am considering the Soekris net6501-50. I can dump a Linux image on there with our DNS config, industrial grade design, and OK performance. If the thing fails, clients will hopefully not notice due to anycast which will just hit another DNS server somewhere else on the network albeit with additional latency. We ship out a replacement device rather than mucking with trying to repair.
There's also stuff like this[1] which probably gives me more horsepower on my CPU, but maybe not as reliable.
Maybe I'm overengineering this. What do others do at smaller remote sites? Also considering putting resolvers only at "hub" locations in our MPLS network based on some latency-based radius.
Ray
[1] http://www.newegg.com/Mini-Booksize-Barebone-PCs/SubCategory/ID-309