Dmitry Rybin wrote:
Kevin Darcy wrote:
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
_______________________________________________
So, you don't cache locally, you forward to another daemon that (in
the best case) answers from *its* cache.
How have you improved performance by changing nothing else and adding
a network hop?
recursion possibilities of bind is very pity in compare with
powerdns-recursor, unbound & so on. It allocate a lot of memory and
make high CPU usage.
Sometimes unable change authoritative and recursive IPs.
So, you want to add an operational mode to BIND because you
mis-deployed/mis-architected something, and are therefore locked into
using the same IP for recursive and authoritative nameservice?
If you prefer other recursive resolvers to BIND, then go ahead and use
them, you should have planned ahead and provisioned separate IPs so that
you'd have that option.
You might be able to deal with your current predicament by selectively
NAT'ing or PAT'ing incoming recursive queries, to bypass your BIND
instance, e.g. using the "u32" module of iptables, see, e.g. (for
inspiration)
http://www.stupendous.net/archives/2009/01/24/dropping-spurious-nsin-recursive-queries/
But, frankly, anything along those lines would be a kludge.
- Kevin
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
