Humans notice, because the traffic runs through a perimeter firewall that
checks port 53 traffic against its Intrusion Protection profiles (amongst
other things).  Lately, during periods of heavy activity it's been ramping
up the CPU and memory of the perimeter firewall.  I've noticed moments of
sluggishness as a result.

My two Declude servers probably handle about 250k messages per day, but
around 90% of that is eliminated as waste. This waste still consumes
bandwidth and DNS connections.

During those periods of heavy activity, there are about 30k connections
through the firewall, and it seems that half of them, I'm guessing, are
wasted DNS lookups.  I'm guessing this because filtering the connections
reveals heavy port 53 activity on the Declude servers.

Yes, I run local DNS on the Declude machines, but I've noticed that the
caching isn't all that effective.  To the perimeter firewall, a lookup is a
lookup, no matter what resource asked for it.

...unless I just don't understand, in which case I welcome being tapped into
place.

-- Michael



-----Original Message-----
From: supp...@declude.com [mailto:supp...@declude.com] On Behalf Of Sanford
Whiteman
Sent: Monday, July 06, 2009 8:49 PM
To: Michael Cummins
Subject: Re: [Declude.JunkMail] Cutting down on DNS

> My declude boxes are really driving DNS traffic up, loads.

As in "humans notice" or as in "my SNMP monitors notice"... is this
actually negatively impacting performance of DNS or any other service?

Do you run local caching DNS (I hope so)? The other thing to look into
is zone transfers for eligible BLs.

--Sandy





---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type "unsubscribe Declude.JunkMail".  The archives can be found
at http://www.mail-archive.com.
