Fwd: performance on the big query traffic
Hello, May I ask this question to the list? Currently one of our domains has been getting more than 100 million DNS query traffic each day. The domain is hosting on the registration provider. If we run the DNS by ourselves with Bind, can two Bind hosts handle this size of query traffic? What's the suggested IDC and server hardware for them? Thanks. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
auto update signatures dnssec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hello bind network
good day and merry christmas.
I just put in place guidelines in bind config to update the signatures
dnssec
I'm looking for options that require the least amount of maintenace that
all updates of signatures are performed without any external intervention
i quote my named conf
zone "fakessh.eu" {
type master;
file "/var/named/fakessh.eu.hosts";
auto-dnssec maintain;
update-policy local;
key-directory "/var/named/keyset-fakessh.eu";
allow-transfer { 213.251.188.140;87.98.164.164;
195.234.42.1;94.23.59.30; };
};
is what the guidelines are good options
my named
~]# rpm -qa | egrep bind
bind-9.7.0-5.P2.el5
bind-devel-9.7.0-5.P2.el5
bind-sdb-9.7.0-5.P2.el5
bind-utils-9.7.0-5.P2.el5
bind-libs-9.7.0-5.P2.el5
i use CentOS 5.5 with custom kernel
many returns are welcome
sincerely
- --
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
gpg --keyserver pgp.mit.edu --recv-key 092164A7
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iD8DBQFNF88EtXI/OwkhZKcRAghLAJ4824Dgic38D2D/dvRBhc0ugH+LYgCfala4
279dg3VXyajosfPRn9Zbi4Y=
=BBuN
-END PGP SIGNATURE-
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: Fwd: performance on the big query traffic
>> Currently one of our domains has been getting more than 100 million DNS >> query traffic each day. The domain is hosting on the registration >> provider. If we run the DNS by ourselves with Bind, can two Bind hosts >> handle this size of query traffic? What's the suggested IDC and server >> hardware for them? 100 million queries pr day. That's not really a huge number - unless I miscalculate, it's about 1157 queries per second, and that's not really a very big number. I recently did some rudimentary benchmarking, showing a server with some approx 3GHz multi-core Xeon processor was fully capable of answering up to (and probably a bit above) 100.000 queries per second without breaking a sweat and without any huge increase in latency/response time (benchmark was done locally though, without involving the network, and only asking for local data). I have also done the same basic benchmarking on older Sun hardware, and old Sun Fire V215's still did about 10.000 queries per second. Note: the answer can be completely different depending on usage patterns etc. And it's probably too easy to just average the 100 million queries over an entire day? Do you know if there are any peaks? If so, how long + high? Regards Eivind Olsen ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
auto update signatures dnssec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hello bind network
good day and merry christmas.
I just put in place guidelines in bind config to update the signatures
dnssec
I'm looking for options that require the least amount of maintenace that
all updates of signatures are performed without any external intervention
i quote my named conf
zone "fakessh.eu" {
type master;
file "/var/named/fakessh.eu.hosts";
auto-dnssec maintain;
update-policy local;
key-directory "/var/named/keyset-fakessh.eu";
allow-transfer { 213.251.188.140;87.98.164.164;
195.234.42.1;94.23.59.30; };
};
is what the guidelines are good options
my named
~]# rpm -qa | egrep bind
bind-9.7.0-5.P2.el5
bind-devel-9.7.0-5.P2.el5
bind-sdb-9.7.0-5.P2.el5
bind-utils-9.7.0-5.P2.el5
bind-libs-9.7.0-5.P2.el5
i use CentOS 5.5 with custom kernel
many returns are welcome
sincerely
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iD8DBQFNGC0+tXI/OwkhZKcRAq3OAJ9mrIuyh1lQ/M/hsyQcHdNojCyPDwCcDboS
OYoJzf/M9WKJUolp0BBpWXs=
=fwKm
-END PGP SIGNATURE-
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
