What kind of hardware?
Brad Knowles
brad.knowles at skynet.be
Thu Mar 8 17:29:02 UTC 2001
At 2:24 PM +0100 3/8/01, Eivind Olsen wrote:
> Anyone have any good suggestions as to what is most important when
> setting up a caching-only DNS using BIND 8 or 9? It will be used by a
> few mailservers etc. Should I focus on much memory? I suppose I won't
> need extreme amounts of diskspace? A fast processor will always help,
> right?
More memory will help, as you'll be able to hold the entire
database in RAM and you won't have to do garbage collection too
often. I'd want a machine with enough RAM that I could dedicate at
least 128-256MB to the named process.
Note that BIND 8 is still quite a bit faster than BIND 9, at the
moment. However, BIND 8 still has some problems with being "blind"
and not answering queries while it is loading zones, while BIND 9 is
multi-threaded and will start trying to answer queries as soon as it
is started, while other threads run in the background loading the
zones, etc....
Thus, BIND 8 wants a fast machine with a single processor, while
BINDv9 can work with a slower machine with multiple processors. If
you want the maximum in speed, you can run multiple BIND 8 processes
on a multi-processor machine, and each copy is bound to listening to
a different IP address.
Now, one thing I do on all mail servers I configure, is to have a
set of high-speed centralized nameservers, but I also run a
forwarding caching nameserver on each mail server. Each machine will
look first to itself and see if it has the necessary information
already cached, and if so then you need not go any further. If the
information is not cached locally, the query will be forwarded to the
central set of nameservers, which are more likely to have that
information.
This also helps ensure that all local caching nameservers have
the same "picture" of the DNS as everyone else -- either through the
information cached locally, or through the central nameservers to
which the queries may be forwarded.
Under no circumstances should you run caching-only nameservers on
each mail server *without* a centralized set of caching nameservers
to which unknown queries are forwarded, because the one thing users
hate above all else is inconsistency -- if they just successfully
sent mail to a particular address five minutes ago, they want to be
able to successfully send mail to that address again. Having mail
work or not, depending on which server the mail may be routed
through, is a very sure way to go out of business very quickly.
> Also - are there any things I should keep in mind when setting up a
> chroot'ed BIND running as non-root user under Solaris 2.6 or newer? Any
> tweaks etc. that I should do right away?
Solaris really isn't the fastest available OS for running BIND,
but I believe that Solaris 7 should be at least reasonably fast on
the right hardware (they recently implemented the same Mentat TCP/IP
stack that had done so much for Digital Unix/Tru64, but I don't
remember in which version of Solaris this was done).
--
Brad Knowles, <brad.knowles at skynet.be>
#!/usr/bin/perl -w
# 531-byte qrpff-fast, Keith Winstein and Marc Horowitz <sipb-iap-dvd at mit.edu>
# MPEG 2 PS VOB file on stdin -> descrambled output on stdout
# arguments: title key bytes in least to most-significant order
# Usage:
# qrpff 153 2 8 105 225 /mnt/dvd/VOB_FILE_NAME | extract_mpeg2 | mpeg2_dec -
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$t=255;@t=map{$_%16or$t^=$c^=(
$m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;$t^=(72, at z=(64,72,$a^=12*($_%16
-2?0:$m&17)),$b^=$_%64?12:0, at z)[$_%8]}(16..271);if((@a=unx"C*",$_)[20]&48){$h
=5;$_=unxb24,join"", at b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$
d=unxV,xb25,$_;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=$t&($d>>12^$d>>4^
$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*8^$q<<6))<<9,$_=$t[$_]^
(($h>>=8)+=$f+(~$g&$t))for at a[128..$#a]}print+x"C*", at a}';s/x/pack+/g;eval
More information about the bind-users
mailing list