Thoughts on a large-scale DNS server...

From: John Von Essen (john_at_essenz.com)
Date: 06/28/05

    Date: Tue, 28 Jun 2005 10:42:59 -0400 (EDT)
    To: freebsd-isp@freebsd.org
    
    

    I have been tasked with setting up a large-scale DNS server environment
    (one ISP is taking over another ISP) and would greatly appreciate any
    thoughts or experiences that could help me out.

    In the end we will probably be doing authoritative DNS for 11,000 domains,
    and another 200 or so in-arpa address ranges for reverse resolution.

    The plan is to have 3 core machines. One is the master, and gets its zone
    files created from local cvs exports. The other two are slaves, and do
    zone transfers from the master. The Public will actually only talk to
    these two slave DNS servers (NS1 and NS2). The machines themselves will be
    Single 3Ghz Xeon, 1Gb Memory, and 70Gb RAID 1 U320 SCSI. For every
    machine, we will have a standby machine waiting and ready.

    The first question is, do I have enough CPU/Memory? Keep in mind these
    machines will do nothing but DNS.

    Are there any performance issues with using regular filesystem directory
    zone file storage? For example, we will have a very large named.conf file
    with some 11,000 zone entries (I have never worked with a named.conf
    file that big before). Those entries will just reference the local
    filesystem, file "s/a/adam.com"; and so on.

    The next big question is BIND8 or BIND9. I would like to take advantage of
    threading in BIND9, but saw a previous post that BIND9 can have difficulty
    working with BIND8 servers which were incorrectly set up, whereas BIND8 can
    allow for a certain level of "external" incompetence.

    And finally, Linux or FreeBSD, and if FreeBSD, 4 or 5.

    Current staff (besides me) wants to run Debian Linux, but BIND9 pthreads
    don't work in Linux, do they work in FreeBSD? I want to use FreeBSD just
    because it is better overall with regards to TCP/IP.

    The only performance numbers we got from the other ISP is that existing
    DNS servers use about a constant 400 kbps (bits) of bandwidth.

    Thanks in advance
    John