Gentoo Archives: gentoo-user

From: Alan McKinnon <alan.mckinnon@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] DNS server packages
Date: Sun, 11 Oct 2015 07:36:31
Message-Id: 561A114B.9020701@gmail.com
In Reply to: [gentoo-user] DNS server packages by James
1 On 11/10/2015 04:13, James wrote:
2 > Howdy,
3 >
4 > So I now have (5) statics and a fiber feed, with lots of room to grow.
5 >
6 > I need to setup DNS primary/secondary systems on gentoo. So right now I'm
7 > looking for a suggested list of packages to install with Bind, iptables and
8 > DNSSEC-tools as these (2) gentoo dns servers will only run the minimum
9 > packages to operate securely?
10
11 auth or cache?
12
13 First of all, bind is a pain to use. Reason: it's actually a reference
14 implementation that as usual got forced into production use. It's slower
15 than it could be because it deals with every possible corner case per RFC.
16
17 As an auth server (few queries) it's OK
18 As a cache (many queries), there are better servers out there. I prefer
19 unbound.
20
21
22 > Also, what is the (nominal) minimum amount of RAM needed to keep all routes
23 > in ram in these name servers?
24
25 I don't understand. DNS servers don't keep routes in memory - routers do
26 that. Perhaps you mean cached DNS records?
27
28 DNS is light on RAM, there are only so many records typical users will
29 look up. DNS caches not too long ago ran for years problem free with a
30 puny few hundred MB. It's not something to be worried about.
31
32
33 --
34 Alan McKinnon
35 alan.mckinnon@×××××.com

Replies

Subject Author
Re: [gentoo-user] DNS server packages "J. Roeleveld" <joost@××××××××.org>
[gentoo-user] Re: DNS server packages James <wireless@×××××××××××.com>