DNS Server sizing guide?

Blason R blason16 at gmail.com
Thu Mar 29 02:31:25 UTC 2018


Agree!!

Right now I have around 270000 zones added in DNS, but that is with direct
zones, NO RPZ. My config is 4 vCPU, 8Gb RAM; it's running well with around
700 users.

The only concern for me is that I may need to re-write all my scripts to
load those zones in RPZ format, hence I am wondering if RPZ can really help
me in boosting the performance of my server, and by how much?

Because if you see, with my current config I may be running at 40% of the
resources; with RPZ, if I am achieving 30-35%, then re-writing the complete
stuff for that 5% does not entice me. If the difference is noticeable, let's
say 20%, then probably I can start off with that.

Hence I wanted to know from the community if they have ever tried such a
thing before, and if so I would really appreciate it if they could share
their observations.

On Thu, Mar 29, 2018 at 2:16 AM, Grant Taylor via bind-users <
bind-users at lists.isc.org> wrote:

> On 03/28/2018 12:51 AM, Blason R wrote:
>
>> Interesting, I didn't know that. Let me dig in... can I have a few examples
>> please?
>>
>
> RPZ zones are effectively standard zones.  The only difference is that the
> CNAME record is used to convey information to the RPZ engine (? is that an
> accurate description ?) that special action should be taken.
>
> I have messed with a project where I download newly registered domains
> daily and build an RPZ zone.  The intention is that I can make it appear as
> if domains registered within the last 1 / 7 / 14 / 28 days do not exist on
> my personal DNS server.  The records look like the following:
>
> example.com     CNAME   .
> *.example.com   CNAME   .
> example.net     CNAME   .
> *.example.net   CNAME   .
> example.org     CNAME   .
> *.example.org   CNAME   .
>
> As you can see, this is really two records per domain.  One for the domain
> w/o any subordinates, and one for the domain subordinates.
>
> I've been collecting newly registered domains for ~4 months and here's the
> number for each month thus far.
>
> 2017-12:  2,110,518   (Started collecting December 3rd.)
> 2018-01:  2,932,808
> 2018-02:  3,040,718
> 2018-03:  3,010,168   (Still missing a few days.)
>
> I did test all of December's records in a single RPZ zone file, and they
> worked okay.  I only say okay because it took close to a minute for named
> to start up and my naive OS's start up script coughed up a fur ball after
> 30 seconds.  named was quite happy if I gave it an additional 30 seconds.
>
> Note:  This was running on a 1.6 GHz AMD Dual-Core E-350 APU w/ 8 GB of
> memory.  More power efficient than a server. ¯\_(ツ)_/¯
>
>
>
>
> --
> Grant. . . .
> unix || die
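The two-records-per-domain RPZ layout described in the quoted message, as an added example that is not part of the original thread: a Python generator that turns a plain domain list into RPZ zone text and rejects feed lines that could inject other records or master-file directives. The zone origin `rpz.example.local`, the serial, the SOA/NS values and the sample input are assumptions constructed for illustration.

```python
import re

# One DNS label: letters, digits, hyphen (underscore tolerated), 1-63 chars,
# no leading or trailing hyphen. Used with fullmatch() so a stray newline fails.
LABEL = re.compile(r"(?!-)[a-z0-9_-]{1,63}(?<!-)")

def clean_domain(raw, origin):
    """Return a normalised domain, or None if it must not reach the zone file."""
    name = raw.strip().rstrip(".").lower()
    labels = name.split(".")
    if len(labels) < 2 or not all(LABEL.fullmatch(l) for l in labels):
        return None  # rejects whitespace, '$' directives, ';', '*', empty labels
    # Owner names are relative to the RPZ zone, so the wildcard form plus the
    # origin must still fit within the 253-character limit for a DNS name.
    if len("*." + name + "." + origin) > 253:
        return None
    return name

def build_rpz(domains, origin="rpz.example.local", serial=2018032901):
    """Build RPZ zone text that answers NXDOMAIN ("CNAME .") for each domain."""
    lines = [
        "$TTL 300",
        f"$ORIGIN {origin}.",
        f"@ SOA localhost. hostmaster.localhost. {serial} 3600 600 86400 300",
        "@ NS localhost.",
    ]
    rejected, seen = [], set()
    for raw in domains:
        name = clean_domain(raw, origin)
        if name is None:
            rejected.append(raw)               # keep for review, never emit
        elif name not in seen:
            seen.add(name)
            lines.append(f"{name} CNAME .")    # the domain itself
            lines.append(f"*.{name} CNAME .")  # everything beneath it
    return "\n".join(lines) + "\n", rejected

# Constructed sample feed: duplicates, a trailing dot, and three hostile lines.
SAMPLE = ["Example.com", "example.net.", "example.com",
          "$INCLUDE other.zone", "bad name.org", "example.org ; x"]

if __name__ == "__main__":
    zone, rejected = build_rpz(SAMPLE)
    print(zone, end="")
    print("rejected:", rejected)
```

The generated file is loaded like any other master zone and then named in BIND's `response-policy` option; checking it with `named-checkzone` before reload catches anything the validation missed.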