On 12/16/11 4:57 AM, Kostas Zorbadelos wrote: > James Shupe <jsh...@osre.org> writes: > >> I can't speak for anycast DNS deployments, but I use OSPF heavily in >> large production environments and have had a great experiences with it. >> > > This is very nice to know, thank you. > >>> - what is your opinion about using a latest version of BIND from ISC >>> instead of the BIND distribution coming with OpenBSD? >>> >> The BIND distribution included in the base install is fine. >> > > Unless you happen to need a feature that is available only in a later > version of BIND. The reason I asked is because I saw no relevant > package in ports. > >>> - would you consider Java support on OpenBSD "production quality"? Seems >>> irrelevant but we might utilize some Java tools for >>> measurement/statistics >>> >> I've never used it, but I wouldn't even bother because there are no >> native Java builds available for OpenBSD, and thus it's going to be >> untested and completely unsupported. From the sounds of it, you need to >> rethink your monitoring strategy and consider using SNMP and a central >> statistics server running the software of your choice. >> > > OK, this was an understatement from my behalf. What I have in mind is > more ambitious than just monitoring/alerting. For moniting and graphs, our > cacti/nagios solution will do just fine. But storing and analysing DNS > query data is a whole different story... >
Reporting shouldn't be done on your production servers. Set up a centralized syslog server and send your query logs there for analysis. Henning Brauer says that Java works fine on OpenBSD for large deployments and I take his word for it. Still, running local reports on each server is ridiculous when you're talking about multiple servers providing the same services. > Regards, > > Kostas > -- James Shupe
