Dyn is a great DNS product for medium to large organizations that want resilience and security in DNS management.
March 09, 2019
Dyn is a great DNS product for medium to large organizations that want resilience and security in DNS management.
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Oracle Dyn Managed DNS
We used to host external DNS servers inside the organization on some Solaris 5 Unix boxes, until a couple of years ago. My predecessor was involved with transitioning to a hosted DNS product, but we didn't stay with that provider for very long. When that guy left, my coworker chose Dyn as hosted DNS, and when he left it fell to me. I had already been using it for some time though.
I like the interface of it. We have about 15 domains for which we use it. Updates were very fast. I use Lets Encrypt's certbot for SSL certificates. One of the sites I used it for is limited to LAN and a handful of external IPs, so renewing certificates was a hassle. The newer method to prove domain ownership is by creating a DNS TXT record and letting the renewing script pick up the TXT token. This could take a while with privately managed DNS, but Dyn has a large presence, so updates propagate fairly quickly.
My company was recently purchased and the parent co. has its own DNS management choice, so we've moved out of Dyn :(. If it were up to me, I'd like to stay with Dyn.
Lastly, the Export editor is very useful. Among other functions, you can export the zone files individually for backup purposes.
- Updates are very fast.
- The serial number is updated using the standard YYYYmmddHHMMSSxx format, and the zone notes are kept for a while.
- They employ 2FA (Google Authenticator, not that SMS garbage) for signing in. I've tried to push this, but it wasn't adopted by all of my IT colleagues. At least if our DNS had been compromised, it wasn't going to be with my account.
- The account ownership can be a big to-do if the account owner leaves the organization. My leader was let go, and the account was in her name. When my company was purchased and she was let go, we moved to another DNS hosted platform, and getting the account out of her name was complicated. I suppose that's best for security though.
- I really don't have any complaints about Dyn. It's a great service.
- I'm told our plan was expensive. I don't know exactly what it ran, though.
- When we hosted our own DNS on some old Solaris 5 Unix boxes, we had to stock parts and/or keep them on hardware service contracts. The contract to keep these boxes covered -- we had several identical boxes doing different things -- was a couple hundred dollars per month, so switching to hosted DNS management saved us that amount of money per month.
- We have spotty ISP service on the primary provider. Had we still been hosting, DNS queries could've been corrupted or gone unanswered.
We used CloudFlare for one of our domains because of their CDN. It also handled re-directs and the other usual DNS tasks. UltraDNS was the provider we used for a short time before Dyn. I didn't manage it, so I can't compare.
Before hosted DNS, we were managing DNS internally on outdated Solaris 5 Unix boxes, running BIND v4, I believe.