Expanding the RIPE NCC Authoritative DNS Service means cooperating with the community to find organisations out there willing to host AuthDNS instances on their networks. In this article, find out exactly what's required from hosts and how to apply.
What is Hosted DNS?
The RIPE NCC operates its two DNS services, namely K-root and Authoritative DNS, using a combination of architectures.
The first type of architecture is called a “Core Site”, and consists of a router for handling BGP peering and routing, and several Linux servers for providing the DNS service. The RIPE NCC pays for and operates such sites.
The second type of architecture is called “Hosted DNS”. This is a single server that handles both the routing and DNS services, and is typically deployed in ISP networks or connected to smaller internet exchanges. This is a shared model. A host provides the server and connectivity, while the RIPE NCC installs, configures and runs the service.
More Flexible Requirements
Our original requirements for a hosted K-root instance specified a Dell server, with certain minimum specifications. In recent years, virtualisation technology has improved significantly, such that a well-provisioned virtual server can now perform as well as a dedicated server. We will therefore accept requests to run our hosted DNS services on virtual servers.
The virtual server will need to be provisioned with enough RAM, storage and network interfaces. In particular, the storage should ideally be backed by NVMe technology for best performance. Container technology such as LXC or Docker is not suitable for this service.
Back in 2015, when we began expanding the K-root service, we developed an application to handle requests from people who wanted to host a K-root server. We received many requests, and deployed several K-root servers.
Last year, we announced plans to expand our Authoritative DNS service in the same way as K-root. The application we used for K-root has been rewritten with better backends, and some of the issues we had with the original one have been fixed. Most importantly, it now handles requests for both services.
We will continue to accept applications for K-root, but we are very keen to expand our Authoritative DNS service. If you’re interested in hosting this service, please apply here.
Authoritative DNS Expansion Strategy
We want to improve the reachability and resilience of this service in regions other than Europe. Therefore we are most interested in requests from hosts in the Americas, Asia and Africa.
If we receive several applications at the same time, we will process them in small batches so that the growth of the service is steady.