BIND 8.2.3 verus 9.x.x ?? in production
Khyron
khyron at khyron.com
Fri Mar 23 09:14:40 UTC 2001
If memory serves, you said...
>
> Nate Duehr <nate at natetech.com> wrote:
>
>
> > Let's just say I have a customer with a penchant for reverse lookups he
> > doesn't need... and leave it at that. 14 web servers doing 40+ Mbs of
> > traffic can create a lot of in-addr.arpa lookups! The application is
> > horribly misconfigured, but who am I to explain that to him when "his
> > last ISP handled it just fine"? :-) Gotta love it.
>
> What do you think the customer want's in his webserver logs ? Ip-adresses or
> domain names ?
> Chances are that domain names are more useful, then you _want_ full DNS.
Then let the analysis software handle it. Preferably, one with a
cache and configurable cache expiration rules (like analog). First,
its additional performance hit on the web servers. 2nd, it would be
more effective to use another box taking that load that caches 1-2
weeks of domain name lookups. Analog can do gigs of logs in minutes
in part because of the caching.
[Lossy compression]
////////////////////////////////////////////////////////////////////
Khyron mailto:khyron at khyron.com
Key fingerprint = 53BB 08CA 6A4B 8AF8 DF9B 7E71 2D20 AD30 6684 E82D
"Drama free in 2001!"
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
More information about the bind-users
mailing list