DNS performance testing - FreeBSD & Solaris - BIND & djbdns

Matt Simerson mpsimerson at hostpro.com
Fri Jun 22 18:45:57 UTC 2001 

> -----Original Message-----
> From: Brad Knowles [mailto:brad.knowles at skynet.be]
> Sent: Friday, June 22, 2001 10:56 AM
> To: Matt Simerson
> Cc: 'bind-users at isc.org'
> Subject: RE: DNS performance testing - FreeBSD & Solaris - 
> BIND & djbdns
> 
> 
> At 11:08 AM -0600 6/22/01, Matt Simerson wrote:
> 
> >  We started testing with 8.2.3 and changed over to 8.2.4 when it became
> >  released. All the published numbers are from 8.2.4 and 9.1.2-REL.
>
> 	I'd like to see this level of detail become a standard part of 
> future versions/updates to this report.  ;-)

Well, it's in the QA test plan which I excerpted but unfortunately I can't
publish the entire document. I personally wouldn't have a problem with it
but others in the company think it reveals too much information. Politics.
:-(
 
> >  I do that to populate the cache.
> 
> 	I understand, but I believe that there are better ways to 
> populate the cache, and which avoid any potential issues with 
> forwarding.

I still say it doesn't matter. Whether the data is read from disk or the
network, it's stored the same way in the cache. The only "potential" issues
with forwarding would affect the first run in which the cache is populated.
Oddly enough, the test results proved conclusively that there are no issues
with the forwarding. BIND 8 handily trounced every other name server in it's
ability to grab results from the network and return them to the client. At
5,000 queries per second, it's the only cache that, in any test, started to
approach the limits of my dns walls ability to serve.

> >  With dnscache that's implicit when we configured it to forward the
requests
> >  for 216.in-addr.arpa so it wasn't an issue but we ended up having to do
that
> >  with BIND.
> 
> 	No, you're misunderstanding.  I believe that forwarding should be 
> completely avoided.  Period.

You're entitled to your opinion, I'm entitled to mine. You think forwarding
is evil, I don't. I can certainly understand why you do, and that's simply
because the mechanisms in BIND are, well, kludgy at best and don't really
work the way you expect.  We've had this conversation, you aren't going to
change your opinion and I'm not changing mine. :-) For what it's worth,
forwarding works very elegantly with dnscache. BIND could learn a lesson or
two there on how to make forwarding work properly.
 
> >              While watching the queries with snoop we were seeing BIND
query
> >  the root name servers upon every query of an IP within the in-addr.arpa
> >  space. That was particularly bad behavior.
> 
> 	Yes, indeed.  That would be particularly bad behaviour. Were you 
> seeing this with both BIND 8.2.4-REL and 9.1.2-REL, or just one of 
> them and not the other?

We noticed it on BIND 8/Solaris and didn't test v9 on Solaris. We did not
see it on FreeBSD/BIND 8 or FreeBSD/BIND 9 using identical configs. In fact,
we started testing on FreeBSD because the boxes were up and running so much
faster. We didn't discover the problem on Solaris until probing the machine
to figure out why it was performing so miserably.  

Matt

More information about the bind-users mailing list