Docker and CoreDNS deployed for resiliency.

I’ve been wanting to migrate DNS servers I have in a DMZ from Windows Core to another DNS service for some time. With the Windows Core servers, zones were being transferred to the core servers to serve records to DMZ servers. I didn’t like this approach because it was transferring the whole zone and could allow a malicious actor to enumerate the whole domain. Our DNS doesn’t change that often, so ‘manually’ updating a file didn’t seem too big of a deal, but it is another set of records that must be kept, but in that it does provide flexibility without the dependence on Active Directory....

May 20, 2021 · 9 min · Chris