Re: OT - Small DNS "appliances" for remote offices.

[Keenan Tims <ktims () stargate ca>]

If you have a lot of locations, as I believe Ray is looking for, all of
this is a manual process you need to do for each instance. That is slow
and inefficient. If you're doing more than a few, you probably want
something you can PXE boot for provisioning and manage with your
preferred DevOps tools. It also sounds like he wants to run anycast for
this service, so probably needs a BGP speaker and other site-specific
configuration that I assume is not covered by the cookie-cutter OSX
tools. Of course you could still do it this way with a Mac Mini running
some other OS, but why would you want to when there are plenty of other
mini-PC options that are more appropriate?

Also: With Apple dropping their Pro products and leaving customers in
the lurch, and no longer having any actual server hardware, I would have
very little confidence in their server software product's quality or
likely longevity. And of course they're mum on their plans, so it's
impossible to plan around if they decide to exit the market.

Keenan

On 02/19/2015 11:47 AM, Mel Beckman wrote:
> If your time is worth anything, you can't beat the Mac Mini, especially for a branch office mission-critical 
> application like DNS.
>
> I just picked up a Mini from BestBuy for $480. I plugged it in, applied the latest updates, purchased the MacOSX 
> Server component from the Apples Store ($19), and then via the Server control panel enabled DNS with forwarding.
>
> Total time from unboxing to working DNS: 20 minutes.
>
> The Server component smartly ships with all services disabled, in contrast to a lot of Linux distros, so it's pretty 
> secure out of the box. You can harden it a bit more with the built-in PF firewall. The machine is also IPv6 ready out 
> of the box, so my new DNS server automatically services both IPv4 and IPv6 clients.
>
> You get Apple's warranty and full support. Any Apple store can do testing and repair.
>
> And with a dual-core 1.4GHz I5 and 4GB memory, it's going to handle loads of DNS requests.
>
> Of course, if your time is worth little, spend a lot of time tweaking slow, unsupported, incomplete solutions.
>
>  -mel
>  
> On Feb 19, 2015, at 11:32 AM, Denys Fedoryshchenko <denys () visp net lb>
>  wrote:
>
> > On 2015-02-19 18:26, Valdis.Kletnieks () vt edu wrote:
> > > On Thu, 19 Feb 2015 14:52:42 +0000, David Reader said:
> > > > I'm using several to connect sensors, actuators, and such to a private
> > > > network, which it's great for - but I'd think at least twice before deploying
> > > > one as a public-serving host in user-experience-critical role in a remote
> > > > location.
> > > I have a Pi that's found a purpose in life as a remote smokeping sensor and
> > > related network monitoring, a task it does quite nicely.
> > > Note that they just released the Pi 2, which goes from the original single-core
> > > ARM V6 to a quad-core ARM V7, and increases memory from 256M to1G. All at the
> > > same price point.  That may change the calculus. I admit not having gotten one
> > > in hand to play with yet.
> > Weird thing - it still has Ethernet over ugly USB 2.0
> > That kills any interest to run it for any serious networking applications.
> >
> > ---
> > Best regards,
> > Denys