Hi List,
We are currently looking at using BIND in a DNS blacklist setup to block
adult content from a network. We can scale outwards as far as we want,
but it's the up sizing that has me worried.
Here is a sample of the zone definitions (names changed :) ):

zone "domain1" { type master; file "blocked_domain.zone"; };
zone "domain2" { type master; file "blocked_domain.zone"; };
zone "domain3" { type master; file "blocked_domain.zone"; };

repeat that about 475000 times (not joking)
This causes named to use about 7gig of RAM and a reload time of about
+30 seconds. The conf file is 42meg big.
The zone that is loaded simply has the following:

$TTL 600
@ IN SOA dns.domain dns.domain. (
        2014091101
        600
        300
        600
        75 )
@ IN NS dns.domain.
@ IN A 127.1.1.1
* IN A 127.1.1.1

We are using the stock bind built by Ubuntu for 14.04, version
9.9.5.dfsg-3 to be exact.
Is there any way we can reduce the memory footprint/optimize this any
more? Lookups are really fast and not a problem, just reload time and
memory used.
Thanks,
Pieter
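
One way to collapse the per-domain zones described above into a single zone that named loads once, as an added example that is not part of the original post. It assumes BIND's response-policy zone (RPZ) feature; the zone name "rpz.blocked", the function names and the sample input are hypothetical or constructed.

```python
import re

# Matches the zone statements shown in the post, e.g.
#   zone "domain1" { type master; file "blocked_domain.zone"; };
ZONE_RE = re.compile(
    r'^\s*zone\s+"([^"]+)"\s*\{[^}]*\bfile\s+"blocked_domain\.zone"\s*;[^}]*\}\s*;')

SINK = "127.1.1.1"  # sinkhole address taken from the post's zone file
# Header adapted from the post's zone file (constructed for this example).
RPZ_HEADER = """$TTL 600
@ IN SOA dns.domain. dns.domain. ( 2014091101 600 300 600 75 )
@ IN NS dns.domain.
"""

def blocked_domains(conf_text):
    """Return unique, lower-cased zone names that use the block zone file."""
    seen, out = set(), []
    for line in conf_text.splitlines():
        m = ZONE_RE.match(line)
        if not m:
            continue  # other zones (or other statements) are left alone
        name = m.group(1).rstrip(".").lower()
        if name and name not in seen:
            seen.add(name)
            out.append(name)
    return out

def rpz_zone(domains):
    """Build one RPZ zone: an apex and a wildcard record per blocked domain."""
    lines = [RPZ_HEADER.rstrip("\n")]
    for d in domains:
        # Owner names are relative to the RPZ origin, so no trailing dot.
        lines.append(f"{d} IN A {SINK}")
        lines.append(f"*.{d} IN A {SINK}")
    return "\n".join(lines) + "\n"

# Constructed sample input in the post's format.
SAMPLE_CONF = '''
zone "domain1" { type master; file "blocked_domain.zone"; };
zone "domain2" { type master; file "blocked_domain.zone"; };
zone "Domain2." { type master; file "blocked_domain.zone"; };
zone "example.org" { type master; file "other.zone"; };
'''

if __name__ == "__main__":
    print(rpz_zone(blocked_domains(SAMPLE_CONF)))
    # named.conf side (hypothetical zone name):
    #   options { response-policy { zone "rpz.blocked"; }; };
    #   zone "rpz.blocked" { type master; file "rpz.blocked.zone"; };
```

The generated file replaces the repeated zone statements with two records per blocked name in one master zone; validate it with named-checkzone before loading.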