North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: DNS - connection limit (without any extra hardware)
- From: Luke C
- Date: Mon Dec 11 11:03:30 2006
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:references:x-google-sender-auth; b=HtJWIGm2YCeReA8gdPGB3G/A95eVcvpPozfjY7iowQiNIKHG2Uq/+ZqBU1h1Zd414m7a2ZNaYH8L2qmsS21u4zRwbVoCGUokRx7N4KqVCVAfwpSzNw4TEp9OOCOlicBzcPNFz7cHGaSAkGCH5Fd9RKBHjX6k1XOCUQDjFKsmJ2E=
of course, my company is working on two main tasks: the first team is focused on discovering what is the virus, and what is the best anti-virus. instead, my team has already scaled our DNS service, by doubling the number of DNSs.
I'm not completely satisfied by the "scaling solution": I wish to find a solution that could grant a good quality of the service without placing a lot of DNS in my web-farms
Thanks Best Regards
Luke
On 12/8/06, Matt Ghali <[email protected]> wrote:
On Fri, 8 Dec 2006, Simon Waters wrote:
> I suspect complex rate limiting may be nearly as expensive as providing DNS > answers with Bind9.
Indeed. It is generally accepted that it is easier to simply scale
your service to provide adequate headroom than implement per-client traffic policies.
of course, you could also work on cleaning up the mess, but I will charitably assume you are working the problem from both directions
simultaneously.
matto
[email protected]<darwin>< Moral indignation is a technique to endow the idiot with dignity. - Marshall McLuhan
|