On 12/07/13 11:11, Arie L. Putra wrote:
Has anyone have experience, how RPZ with huge list will impact BIND
performance, will it reduce DNS response time? we have six DNS server
that will point to this server, each server is serving about 15Mbps of
DNS Traffic on peak hour.
We don't have that kind of load, but we do have a large (~550k) RPZ
setup. It doesn't seem to have any noticeable performance impact,
although I should note we're running bind 9.9.2 with the RRL+RPZ
patches, which contain some RPZ performance improvements in certain configs:
http://ss.vix.su/~vjs/rrlrpz.html
Our query load is in the 400-800qps range, with occasional spikes to
>1500qps.
I had a few problems with RPZ in the past, and it was suggested that our
using bind 9.8 (at the time) might have been an issue; we never
determined the exact cause, but they don't seem to have recurred on 9.9.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
