Your GammX1 comment mentions server pilot. What does server pilot have to do with running DNS slaves other than adding potential security issues?
Personally I won’t be voting for it. If the suggestion included the following, yes.
It would be great if someone can find a free or low cost DNS provider that meets the following technical requirements:
Expert DDOS attack mitigation done at the router level.
Redundancy in their network topology and data center locations.
Authentication (TKEY).
DNSSEC support.
Secondary DNS with standard AXFR zone transfers.
Avoid single points of failure… including two slaves.
Unfortunately I know of no free/low cost DNS providers that provides all that. Other than running DNS myself the best alternative I know of is Rollernet and Rollernet only offers the TKEY service with their fee based accounts starting at $5 a month or $50 per year…
Someone, including myself, could provide most of that on a $5 a month DO VPS, but how do we securely send the authentication key is the question. My first choice would be PGP and require the applicant to have a public key in the strong set, but that can present a significant barrier to entry. A better solution would be to provide a deb package, which among other things automates the secure transfer of keys and key rotation.
The mentioned one is not server pilot the mentoined one there, is serverpilot.io and that’s the web panel used at the secundary DO droplet web server… Never said that would have anything to do with running DNS slaves there…
Just the first DO droplet powered by MiaB acts as Mail server + DNS Mger. and it’s that one I would like to get secundary DNS provider that could mirror and serve my DNS zones there for at no ‘extra’ cost…
Then knowing we’re already paying DO for the droplets why not to ask them to add xfr: support to their current DNS Mger.?