FW: BIND limits and performance questions
Morris Balamut
mbalamut at nortelnetworks.com
Fri Mar 23 17:37:53 UTC 2001
>> -----Original Message-----
>> From: Brad Knowles [mailto:brad.knowles at skynet.be]
>> Sent: Wednesday, March 21, 2001 5:50 PM
>> To: Kevin Darcy; bind-users at isc.org
>> Subject: Re: BIND limits and performance questions
>>
>>
>>
>> At 3:10 PM -0500 3/21/01, Kevin Darcy wrote:
>>
>> > I assume you're talking about NSMAX. I don't think it's really
>> >accurate to say
>> > that BIND enforces this limit on "name servers in a zone". It's
>> >more like BIND
>> > won't *use* any nameservers for a zone beyond the first
>> 16. If someone has 16
>> > *non-functional* nameservers for a zone, chances are that
>> the entire zone is
>> > down. So it really doesn't make much of a difference in
>> practice anyway.
>>
>> Also consider that you're going to have a very hard
>> time cramming
>> more than thirteen or so NS RRs into a 512-byte UDP packet,
>> even with
>> creative naming and the built-in domain name compression that goes
>> one.
>>
>> Once you break that 512-byte limit for something as fundamental
>> as the RRset for the NS records, all holy hell will break loose
>> (which is why there aren't any more than thirteen root nameservers).
Could you kindly explain what "all holy hell will break loose" means.
What actually happens and why is that bad?
>>
>>
>> Therefore, setting an arbitrary maximum limit of 16 nameservers
>> for a zone seems to be a pretty reasonable thing to do, even
>> in these
>> modern days of BINDv9.
>>
>> --
>> Brad Knowles, <brad.knowles at skynet.be>
>>
>> /* efdtt.c Author: Charles M. Hannum
>> <root at ihack.net> */
>> /*
>> */
>> /* Thanks to Phil Carmody <fatphil at asdf.org> for
>> additional tweaks. */
>> /*
>> */
>> /* Length: 434 bytes (excluding unnecessary newlines)
>> */
>> /*
>> */
>> /* Usage is: cat title-key scrambled.vob | efdtt
>> >clear.vob */
>> /* where title-key = "153 2 8 105 225" or other similar
>> 5-byte key */
>>
>> #define m(i)(x[i]^s[i+84])<<
>> unsigned char
>> x[5],y,s[2048];main(n){for(read(0,x,5);read(0,s,n=2048);write(1,s
>> ,n))if(s[y=s[13]%8+20]/16%4==1){int
>> i=m(1)17^256+m(0)8,k=m(2)0,j=m(4)17^m(3)9^k
>> *2-k%8^8,a=0,c=26;for(s[y]-=16;--c;j*=2)a=a*2^i&1,i=i/2^j&1<<
>> 24;for(j=127;++j<n
>> ;c=c>y)c+=y=i^i/8^i>>4^i>>12,i=i>>8^y<<17,a^=a>>14,y=a^a*8^a<
>> <6,a=a>>8^y<<9,k=s
>> [j],k="7Wo~'G_\216"[k&7]+2^"cr3sfw6v;*k+>/n."[k>>4]*2^k*257/8
>> ,s[j]=k^(k&k*2&34)
>> *6^c+~y;}}
>>
>>
More information about the bind-users
mailing list