Open DNS


#1

Is anyone making use of OpenDNS.Com as a complement to DH name servers? DNSReport.Com seems to fairly regularly report one or more DH nameservers failing to reply (particularly to TCP, which is okay technically, but sometimes TCP can make an NS more reachable from behind firewalls that block UDP).

OpenDNS widely publicizes their IPs as 208.67.222.222 and 208.67.220.220.

So, the idea might be, in addition to ns[1-3].dreamhost.com something like this in Custom DNS:

Record (mydomain.com zone)   Type   Value
___  [edit] [X]              NS     ns4.mydomain.com.
___  [edit] [X]              NS     ns5.mydomain.com.
ns4  [edit] [X]              A      208.67.222.222
ns5  [edit] [X]              A      208.67.220.220

Question: would this also require PTR glue for those IP addresses? E.g., (per the output of dig -x):

222.222.67.208.in-addr.arpa. PTR resolver1.opendns.com.
220.220.67.208.in-addr.arpa. PTR resolver2.opendns.com.

How far down the rabbit hole do you have to go to configure secondary-sited DNS servers, or simply provide NS from any old nsX.mydomain.com? Sure, adding fourth and fifth nameservers might be a bit like backing up an arc-weld with duct tape, but hey, it’s duct tape, right? :)

Also, even if the PTRs were required, it would appear that this would have to be a special-order item, as cPanel appears to only provide PTRs for *.mydomain.com.

The thinking is that if this is validated and blessed by DH, and if people understand and can live with the OpenDNS business model (basically, it’s free 'cuz they sell grossly typo’d non-existent domain names as ad space – they don’t gouge you with common misspellings, they try to FIX those, which is kinda nice), it might be a super low cost way to provide another layer of DNS redundancy for DH customers.

Any thoughts, corrections, public floggings in response to such ideas?
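
An added example, not part of the original post: a server listed in a zone's NS records is expected to answer for that zone with the AA (authoritative answer) flag set, over UDP and TCP, while a recursive resolver answering from cache sets RA and leaves AA clear. The sketch below builds the non-recursive SOA query such a check sends, frames it for TCP, and classifies reply headers; the function names and the three reply headers are constructed for illustration and are not captures from any real server.

```python
import struct

TXID = 0x1234  # constructed transaction id used by the sample data below

def build_query(name, qtype=6, txid=TXID):
    """Non-recursive (RD=0) query for `name`; qtype 6 = SOA, class 1 = IN."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def frame_tcp(msg):
    """DNS over TCP prefixes each message with a 2-byte length field."""
    return struct.pack("!H", len(msg)) + msg

def parse_header(resp):
    """Extract the header fields that matter for a delegation check."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    return {"txid": txid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "ra": bool(flags & 0x0080), "rcode": flags & 0x000F, "ancount": an}

def classify(resp, txid=TXID):
    """Decide whether a reply is what a listed NS for the zone should send."""
    h = parse_header(resp)
    if not h["qr"] or h["txid"] != txid:
        return "invalid"            # not a response to our query
    if h["rcode"] != 0:
        return "lame"               # e.g. SERVFAIL (2) or REFUSED (5)
    if h["aa"] and h["ancount"] > 0:
        return "authoritative"
    return "not-authoritative"      # answered, but not as the zone's own server

# Constructed reply headers (12 bytes each), not real captures.
SAMPLES = {
    "zone host":          struct.pack("!HHHHHH", TXID, 0x8400, 1, 1, 0, 0),  # QR+AA
    "recursive resolver": struct.pack("!HHHHHH", TXID, 0x8080, 1, 1, 0, 0),  # QR+RA
    "refusing server":    struct.pack("!HHHHHH", TXID, 0x8005, 1, 0, 0, 0),  # REFUSED
}

if __name__ == "__main__":
    query = build_query("mydomain.com")
    print(len(query), "byte query; TCP frame starts", frame_tcp(query)[:2].hex())
    for label, resp in SAMPLES.items():
        print(f"{label:20s} -> {classify(resp)}")
```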