[178201] in North American Network Operators' Group
Re: OT - Small DNS "appliances" for remote offices.
daemon@ATHENA.MIT.EDU (Colin Johnston)
Thu Feb 19 16:06:22 2015
X-Original-To: nanog@nanog.org
From: Colin Johnston <colinj@gt86car.org.uk>
In-Reply-To: <5725295C-B743-4655-92AA-6F44B81EF944@beckman.org>
Date: Thu, 19 Feb 2015 21:06:16 +0000
To: Mel Beckman <mel@beckman.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
here here, apple kits rocks for low end server work, sun kit rocks for =
high end server work.
Colin
> On 19 Feb 2015, at 20:55, Mel Beckman <mel@beckman.org> wrote:
>=20
> Keenan,
>=20
> Red. Herrings.
>=20
> You can provision macs over the network. That's one of the functions =
of Mac OSX Server OS. It's trivial to then promote them to servers =
themselves. All remotely.
>=20
> Also, the Mac is running a full BIND9 implementation, not some cutdown =
version. Yes the GUI is minimal, but there's no need to use the GUI, and =
you don't even have a GUI on other platforms for the most part.
>=20
> BGP speaker? Come on, you're gilding the lily.
>=20
> Yes, Apple is silent about its plans. But the Mac Mini and Server OS =
have been well supported for over a decade. I don't know why you're =
bringing server hardware into this, the whole point of the discussion is =
to avoid using server hardware. And how much open source "road map" has =
failed to materialize? Lots! The future-proofing argument cuts both =
ways, my friend.
>=20
> You may have little confidence in Apple, but the rest of the world =
seems to have great confidence. Just look at Apple's stock performance =
and market cap.
>=20
> As a famous scientist one said: "The absence of data is not data." :-)
>=20
> -mel beckman
>=20
> On Feb 19, 2015, at 12:43 PM, "Keenan Tims" =
<ktims@stargate.ca<mailto:ktims@stargate.ca>> wrote:
>=20
> If you have a lot of locations, as I believe Ray is looking for, all =
of
> this is a manual process you need to do for each instance. That is =
slow
> and inefficient. If you're doing more than a few, you probably want
> something you can PXE boot for provisioning and manage with your
> preferred DevOps tools. It also sounds like he wants to run anycast =
for
> this service, so probably needs a BGP speaker and other site-specific
> configuration that I assume is not covered by the cookie-cutter OSX
> tools. Of course you could still do it this way with a Mac Mini =
running
> some other OS, but why would you want to when there are plenty of =
other
> mini-PC options that are more appropriate?
>=20
> Also: With Apple dropping their Pro products and leaving customers in
> the lurch, and no longer having any actual server hardware, I would =
have
> very little confidence in their server software product's quality org
> likely longevity. And of course they're mum on their plans, so it's
> impossible to plan around if they decide to exit the market.
>=20
> Keenan
>=20
> On 02/19/2015 11:47 AM, Mel Beckman wrote:
> If your time is worth anything, you can't beat the Mac Mini, =
especially for a branch office mission-critical application like DNS.
>=20
> I just picked up a Mini from BestBuy for $480. I plugged it in, =
applied the latest updates, purchased the MacOSX Server component from =
the Apples Store ($19), and then via the Server control panel enabled =
DNS with forwarding.
>=20
> Total time from unboxing to working DNS: 20 minutes.
>=20
> The Server component smartly ships with all services disabled, in =
contrast to a lot of Linux distros, so it's pretty secure out of the =
box. You can harden it a bit more with the built-in PF firewall. The =
machine is also IPv6 ready out of the box, so my new DNS server =
automatically services both IPv4 and IPv6 clients.
>=20
> You get Apple's warranty and full support. Any Apple store can do =
testing and repair.
>=20
> And with a dual-core 1.4GHz I5 and 4GB memory, it's going to handle =
loads of DNS requests.
>=20
> Of course, if your time is worth little, spend a lot of time tweaking =
slow, unsupported, incomplete solutions.
>=20
> -mel
>=20
> On Feb 19, 2015, at 11:32 AM, Denys Fedoryshchenko =
<denys@visp.net.lb<mailto:denys@visp.net.lb>>
> wrote:
>=20
> On 2015-02-19 18:26, =
Valdis.Kletnieks@vt.edu<mailto:Valdis.Kletnieks@vt.edu> wrote:
> On Thu, 19 Feb 2015 14:52:42 +0000, David Reader said:
> I'm using several to connect sensors, actuators, and such to a private
> network, which it's great for - but I'd think at least twice before =
deploying
> one as a public-serving host in user-experience-critical role in a =
remote
> location.
> I have a Pi that's found a purpose in life as a remote smokeping =
sensor and
> related network monitoring, a task it does quite nicely.
> Note that they just released the Pi 2, which goes from the original =
single-core
> ARM V6 to a quad-core ARM V7, and increases memory from 256M to1G. All =
at the
> same price point. That may change the calculus. I admit not having =
gotten one
> in hand to play with yet.
> Weird thing - it still has Ethernet over ugly USB 2.0
> That kills any interest to run it for any serious networking =
applications.
>=20
> ---
> Best regards,
> Denys
>=20
