DNS performance testing - FreeBSD & Solaris - BIND & djbdns

[Matt Simerson]

> -----Original Message-----
> From: Brad Knowles [mailto:brad.knowles at skynet.be]
> Sent: Thursday, June 21, 2001 4:10 PM
> To: Matt Simerson; 'bind-users at isc.org'
> Subject: Re: DNS performance testing - FreeBSD & Solaris - 
> BIND & djbdns
> 
> At 3:29 PM -0600 6/21/01, Matt Simerson wrote:
> 
> >  The reference hardware for FreeBSD systems is the HP LPr with a single
> >  700MHz PIII CPU and 1GB RAM. Solaris Sparc** systems are E420's with
2GB of
> >  RAM and a single 450MHz CPU.
> 
> 	A few observations:
> 
> 		1.  You don't say specifically which versions of BIND 8 or
BIND 9
> 			that are used.  This information would be very
helpful.

We started testing with 8.2.3 and changed over to 8.2.4 when it became
released. All the published numbers are from 8.2.4 and 9.1.2-REL. 

> 		2.  I assume that the BIND 9 tests were done with 9.1.2-REL
or maybe
> 			a release candidate for 9.1.3.  I'd also be very
interested to
> 			see results with BIND 9.2.

I wouldn't mind seeing them too by my test servers are gone. We weren't even
considering BIND 9.2 as a platform to roll out into production so there
wasn't much point in testing it. The numbers could be interesting through.

> 		3.  I don't see any BIND 9 caching results for Solaris on a
> 			class B network.

That's because they weren't there. I can't say why but when I installed a
default BIND 9.1.2-REL on the Solaris machine it broke BIND 8 to the point
where it wouldn't answer queries. Our sysadmins customize Solaris enough
that things weren't where I expected and I don't know Solaris well enough. I
just turned it back over to them and had them install BIND 8.2.4 and I
tested against that.

> 		4.  I don't see any BIND results at all for the
authoritative
> 			tests.

BIND reads zones files from disk into it's cache and serves them from there.
Authoritative requests on BIND are the same as cached requests. 
 
> 		5.  I am still not at all convinced that the caching
nameservers
> 			should be forwarding those results to another
nameserver.

I do that to populate the cache. Someone else wanted to know the TTL's of
the returned records. I documented the use of walldns and reading the online
manual states that TTL's on walldns records are a week.

> 			I believe that you should also try setting up the
> 			caching nameservers to be falsely authoritative for
the
> 			parent domain and delegate the child (in which all
queries
> 			will be performed) to the other server, and caching
the
> 			results that are returned.

With dnscache that's implicit when we configured it to forward the requests
for 216.in-addr.arpa so it wasn't an issue but we ended up having to do that
with BIND. While watching the queries with snoop we were seeing BIND query
the root name servers upon every query of an IP within the in-addr.arpa
space. That was particularly bad behavior.

Matt