BIND 9.11.0 RPZ performance issue
Daniel Stirnimann
daniel.stirnimann at switch.ch
Tue Oct 18 07:08:37 UTC 2016
>> I have upgraded some of our BIND resolvers from BIND 9.9.9-P3 to BIND
>> 9.11.0 and I notice timeouts for 3 - 5 seconds about every 1 to 5 hour.
>
> Something to do with dlv.isc.org?
No, I can rule out dlv.isc.org.
It currently looks like that only having the spamhaus rpz zones active
causes the occasional timeouts. Maybe it's related to the zone size as
dbl.rpz.spamhaus.org is quite large. If i/o performance on the virtual
hosts turn out to be a problem then masterfile-format map; looks not
like a good solution as this increases the zone file on disk by a factor
of about 4.
Daniel
More information about the bind-users
mailing list