|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: djbdns: An alternative to BIND
[email protected] wrote: It'd be interesting to find the actual causes for this. Did you by chance consult the djbdns mailing list for hints?A contrary view from the trenches: Around a year ago we tested DJB dnscache as the recursive DNS server in a high-volume ISP environment - mostly because we were not happy with BIND 9 performance at the time. Our conclusions were: - dnscache used *more* CPU than BIND 9 in our environment, effectively ruling it out It's easy enough to setup as many instances of dnscache as you have IP addresses and point them all at one central dnscache (typically on a loopback address). Assuming you've already setup the central dnscache, you need to execute the following commands:- Not possible to get dnscache to listen to more than one IP address unless you introduce hacks/patches # dnscache-conf Gdnscache Ddnslog /etc/dnscacheX a.b.c.d # echo 127.0.0.1 > /etc/dnscacheX/root/servers/\@ # echo 1 > /etc/dnscacheX/env/FORWARDONLY # touch /etc/dnscacheX/root/ip/a.b.c # ln -s /etc/dnscacheX /service While I agree that it's more work than simply adding one line to a config file, in effect you've got no more than two variables: IP adress, netmask (which I happily assumed to be 255.255.255.0 above). It's trivial to write a script to handle this situation in a one-liner. Personally, I also like the added flexibility that this approach gives you. - Weird failures reported from users Did you actually investigate any of these? I found the installation process to be relatively straightforward, if a little awkward (as some of DJB's habits are). As for the 'lots of small programs' you don't want or need, I don't see the point. If you install BIND, you get a monolithic binary whereas djbdns splits the functionality into separate programs. Most people only use a fraction of the code in BIND, would you argue that its binary is too large?- Annoying installation process with lots of small programs that we don't want or need [snip] I've read that Nominum CNS provides good performance. Unfortunately (in my book), it's not Open Source, though.version that worked well for us (but still too low performance). We finally switched to Nominum CNS (two servers) and one BIND 9 server as backup. We really like Nominum CNS, and we're happy. Cheers, Tobias
|