On 02-07-12 11:46, Sander Smeenk wrote:
Not at all to discredit the hard work you guys put in OpenDNSSEC but this enforcer design implementation of OpenDNSSEC also fits the 'we only manage one or two zones, not fourteenthousand'-mindset, imho.
For what it's worth, we manage about 300 zones with OpenDNSSEC and I think it should scale to thousands of zones without problems. Adding new zones is still a bit cumbersome, although this is mostly related to integration with our existing environment. (re)processing al the existing zones is a bit of a problem because of the time it takes, we were used creating new domains instantaneously. Disabling the auditor makes a huge difference here.
Updating existing zones is rather painless. FYI we use mysql and have never experienced a locking problem. -- Casper Gielen <[email protected]> | LIS UNIX PGP fingerprint = 16BD 2C9F 8156 C242 F981 63B8 2214 083C F80E 4AF7 Universiteit van Tilburg | Postbus 90153, 5000 LE Warandelaan 2 | Telefoon 013 466 4100 | G 236 | http://www.uvt.nl _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
