Shinyspace

Todo list for powerdns

2026-02-06

Quick WIP todo list for finally setting up my own authoritative dns server.

Reasoning/Background might follow at the end.

  1. Plan deployment: two dns servers, because usually that's required. 1 on the homelab application server, 1 on a rented VPS

servers will be ns1.shiny.space (homelab) and ns2.shiny.space (vps)

cloudns allows setting "glue records" / child dns servers (read why at the end) -> these are A records pointing to the IPs of my servers. note: homelab IP may change. DONE

  2. Software: we'll give powerdns authoritative a shot. supposedly good performance and scriptable via API. it should be available as packages on arch/debian, and there appears to be a well-maintained BSD port as well.

homelab will be the primary, vps the secondary/slave. make sure the API of the primary is secured/not public

  3. Setup: copy existing records from cloudns, and later cyon, into it, then switch over the nameservers for the domains to nsX.shiny.space. hope it works!
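for the "API of the primary is secured/not public" item in step 2, a small check over pdns.conf-style settings (an added example, not my actual config). the setting names are PowerDNS Authoritative's; the IP and api-key are placeholders, and also checking that zone transfers are limited to the secondary is an assumption that goes a bit beyond the todo item.

```python
import ipaddress
# PowerDNS Authoritative defaults for the settings checked below
DEFAULTS = {"api": "no", "api-key": "", "webserver-address": "127.0.0.1",
            "webserver-allow-from": "127.0.0.1,::1",
            "allow-axfr-ips": "127.0.0.0/8,::1"}
SECONDARY = "203.0.113.10"  # constructed placeholder for the ns2 (vps) address
# Constructed sample configs for the primary (homelab)
WEAK = """
api=yes
webserver-address=0.0.0.0
webserver-allow-from=0.0.0.0/0
allow-axfr-ips=0.0.0.0/0
"""
HARDENED = """
api=yes
api-key=REPLACE-WITH-LONG-RANDOM-VALUE
webserver-address=127.0.0.1
webserver-allow-from=127.0.0.1,::1
allow-axfr-ips=203.0.113.10
"""

def parse_conf(text):
    conf = dict(DEFAULTS)  # explicit settings override the defaults
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blanks
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def nets(value):  # comma-separated addresses/CIDRs -> network objects
    return [ipaddress.ip_network(v.strip(), strict=False)
            for v in value.split(",") if v.strip()]

def audit(text, secondary_ip):
    """Return findings about API exposure and zone-transfer (AXFR) scope."""
    conf, findings = parse_conf(text), []
    if conf["api"] == "yes":
        if not conf["api-key"]:
            findings.append("api enabled without api-key")
        if not ipaddress.ip_address(conf["webserver-address"]).is_loopback:
            findings.append("webserver-address is not loopback")
        if not all(n.is_loopback for n in nets(conf["webserver-allow-from"])):
            findings.append("webserver-allow-from reaches beyond loopback")
    sec = ipaddress.ip_network(secondary_ip)
    if any(not n.is_loopback and n != sec for n in nets(conf["allow-axfr-ips"])):
        findings.append("allow-axfr-ips allows more than the secondary")
    return findings
```

`audit(WEAK, SECONDARY)` returns four findings, `audit(HARDENED, SECONDARY)` returns none.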

why "glue records" / child dns servers? imagine the server is at ns1.shiny.space, but that same server is responsible for all domains in shiny.space. how do you find ns1.shiny.space's IP when you need to query shiny.space for it?

that is what glue records solve, and good registrars let you set them. they propagate at the registrar level so don't use them for frequently changing ips.

why run your own? main motivation to check this out was Cyon not supporting the necessary record types for DMARC for my email server. Additionally, it'll be nice to have my own setup if i ever need to switch off cloudns/cyon as registrars (which i should, at least cloudns upsells/ads are getting VERY annoying)