[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: high performance caching bind server

> >--On March 12, 2007 7:16:10 PM -0400 George Georgalis <george@galis.org> 
> >wrote:
> >>you're not recommending dnscache, you are recommending against it.
> >>but really you are spreading FUD.
> >>a) what various ways are you referring to?

> On Mon, Mar 12, 2007 at 07:21:34PM -0600, Michael Loftis wrote:
> >I don't have a boatload of specifics but one that bugs me is incomplete TCP 
> >support.  You can only do an SOA/AXFR sequence over TCP.

On 13.03.07 01:13, George Georgalis wrote:
> dnscache supports TCP queries,

He said dnscache only supports SOA/AXFR over TCP. This is bad.

> >I'm not familiar with the dnsip program, but it is from djbdns, and appears 
> >to be doing it's round robin-ing internally, or... randomizing the output 
> >more likely.  Specifically version 1.05 of dnscache definitely does not 
> >round robin, if you query multiple times in succession with dig, or host, 
> >you will get the same answer every time.  Perhaps that was finally 
> >corrected.  If you ask a BIND or basically anything else (not sure of 
> >others specifically) you get round robin results.  While I tend to somewhat 
> >agree that the clients should randomize or round-robin internally, the fact 
> >is most don't.
> Well I think it's normal for clients to random choose when they
> get multiple A records. But indeed, it looks like dnscache itself
> doesn't do any randomization! It _only_ caches the original
> result.

I have BIND set up to sort closest IPs first. This is something that
dnscache doesn't to (well, at least it won't spoil it), however clients that
randomize order of received records spoil it. I think that client should not
reorder, but server should.

> for example, I lowered the ttl to 6 seconds and the first two
> queries below (within 3 seconds) get the exact results. the others
> (within 7 seconds) are randomized by tinydns (authoritative) NOT
> dnscache.

lowering a TTL is a risk of problems when your DNS fails or when anyone
fails to contact your DNS.

Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Remember half the people you know are below average. 

Reply to: