PowerDNS Introduction OX Summit 2015 All presentations will be on: https://www.powerdns.com/oxsummit
PowerDNS History Founded in 1999 to provide database driven DNS + geographical load balancing between US and EU Since 2006, open source DNS software with highend 24/7 support for major Telcos & ISPs worldwide Since 2015 part of Open-Xchange, together with Dovecot, servicing the needs of the world s largest telecommunications operators
What we power 30% of all Internet domain names 40% - 50% in Europe 95+% of all DNSSEC signed domains Hundreds of millions of Internet Service Subscribers Hundreds of millions of phone numbers 100k+ deployments Thank you
Employees present Peter -> Senior PowerDNS Engineer Pieter -> PowerDNS Engineer Bert -> founder, head geek Plus our friends from Open-Xchange!
PowerDNS Product (areas) PowerDNS Authoritative Server: Hosts domain names on popular databases. Instant DNSSEC. PowerDNS Recursor: Resolves domain names, robust, lots of statistics, very flexible PowerDNS Tooling: lots of ways to study DNS problems and performance Metronome: easy way to gather statistics Pdnsgui: a simple GUI for our products dnsdist: highly DoS and DNS aware load balancer and packet mangler
Authoritative Server Standards compliant serving of DNS information from all relevant databases Text files, dynamic scripts (for dedicated backends, for example) LDAP Native support for legacy BIND zonefiles Easy migration from other name servers Optionally provisioned via error checking API which prevents mistakes from causing downtime Leading DNSSEC implementation worldwide, hosting >75% of all DNSSEC domains 1 click DNSSEC Powerful dynamic abilities Geographical load balancing Scales to millions of domains per server
PowerDNS Recursor Standards compliant resolution of domain names Strive for maximum resolution percentage At highest speed, for best customer experience or conversely, least customer complaints Highly DoS-resilient worry free operation Powerful dynamic abilities Content/NXDOMAIN redirection 'best answer' generation depending on user location/status/enrollment query & answer modification Filtering bad traffic, malware filtering
PowerDNS APIs PowerDNS Authoritative & Recursor have an API HTTP based (HTTPS front proxy) JSON, RESTful Allows for zone creation, editing, removal Error checking! Does not detect ALL errors - no guarantee
PowerDNS Tools Non-production tools, meant for offline analysis or generating test queries Not released as part of PowerDNS, but you can always download them from https://autotools.powerdns.com/ or https://repo.powerdns.com/ Coolest tools: dnsscope (statistics based on PCAP), dnsreplay (replay PCAP to verify your new installation: us versus them stats) But far more: sdig, saxfr, dnsgram, dnsdemog
Metronome Somewhat of an odd tool: almost depency-less Graphite, with graphing rules in Javascript Pretty but also informative graphs on relevant metrics Very simple to setup to get quick private statistics, but you can easily also use our community Metronome Built in graphs for Auth, Recursor, Linux Networking and dnsdist
Dnsdist "dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic. Swiss army knife of DNS problem solving. Add and remove bits, filter out traffic, inspect traffic live from the console Detect infected users, force infected users to other name servers Delay and ratelimit bad queries, refuse to do work for certain hosts/domains And let s not forget: very smart load balancing
How to interact with PowerDNS Mailing lists: pdns-users, pdns-dev, pdns-announce, 1300 subscribers IRC: #powerdns, 120 people, irc.oftc.net Twitter: @powerdns @powerdns_bert @habbie @lieter_ @powerdns_commits GitHub: https://github.com/powerdns/ http://blog.powerdns.com/ Syslog
PowerDNS Introduction OX Summit 2015 All presentations will be on: https://www.powerdns.com/oxsummit