[c-nsp] Cache DNS servers

sthaug at nethelp.no
Tue Dec 1 15:28:19 EST 2015


> > I have a little question about DNS servers that you use in your environment?
> > We use BIND on FreeBSD servers now. I did some benchmarks and found that
> > Google public DNS is 8 - 10 times faster than my own. So I decided to change BIND
> > for something faster. I'm in the MNO market.  Any suggestions?
> 
> 
> Just a caching resolver? Might want to look at Unbound.... but Google 10x faster than you even though
> theirs are remote etc?
> 
> 1) tune your server (MANY things can be done)
> 2) their caches are probably ready-populated with loads of stuff as they are operational... whereas your server
> will have to go out to make queries.

Ayup, this is mostly about "hot caches". You need a significant amount
of DNS query traffic to get a good cache that will answer most queries
quickly, out of the cache.

FreeBSD or Linux, BIND, Unbound or PowerDNS recursor - use what you
know best, they will all work well for normal loads. If you're getting
into more than 10k queries/second territory you may want to actually
do some testing/measurement.

Given a nice hot cache, a nearby resolver is likely to beat a remote
Google resolver, simply due to the lower latency to reach the cache.
Yes, I have measurements that show this :-) 

But simply replacing BIND with something else is *not* likely to solve
your problem.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no
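
An added illustration of the "hot cache" point in the reply above (not part of the original post, and not the measurements it mentions): a small simulation of a TTL-based resolver cache showing how the hit rate depends on query volume. The name count, TTL, Zipf-like popularity, RTTs and recursion cost are all constructed assumptions.

```python
import random
from itertools import accumulate


def simulate_hit_rate(qps, duration_s=600, names=50_000, ttl_s=300, seed=1):
    """Return the hit rate of a TTL cache fed `qps` queries/second.

    Name popularity follows a Zipf-like 1/rank distribution (assumption);
    every cached answer is kept for `ttl_s` seconds, then must be re-fetched.
    """
    rng = random.Random(seed)
    cum_weights = list(accumulate(1.0 / rank for rank in range(1, names + 1)))
    total = int(qps * duration_s)
    picks = rng.choices(range(names), cum_weights=cum_weights, k=total)

    expires = {}  # name -> time at which the cached answer expires
    hits = 0
    for i, name in enumerate(picks):
        now = i / qps
        if expires.get(name, -1.0) > now:
            hits += 1                      # answered straight from the cache
        else:
            expires[name] = now + ttl_s    # miss: recurse, then cache the answer
    return hits / total


def mean_latency_ms(hit_rate, rtt_ms, recursion_ms):
    """Mean client-seen latency: RTT to the resolver, plus recursion on a miss."""
    return rtt_ms + (1.0 - hit_rate) * recursion_ms


if __name__ == "__main__":
    # Constructed figures: 2 ms to a nearby resolver, 80 ms per full recursion.
    for qps in (1, 10, 100, 1000):
        rate = simulate_hit_rate(qps)
        print(f"{qps:>5} q/s  hit rate {rate:6.1%}  "
              f"mean latency {mean_latency_ms(rate, 2.0, 80.0):5.1f} ms")
```

The same resolver software gives very different answers times at 1 q/s and 1000 q/s in this model, which is why a benchmark against a lightly loaded test server says little about how it will behave in production.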

