Re: caching of expired RRSIG's ?

2011-01-03 Thread Jaap Akkerhuis

I agree for the consequence of those cache misses.
But doesnot that mean that RFC4035 needs amended to state :
 remove atomic entry if *all* its RRSIGs get invalid
(because now it states : any = at least one)

And it implicitly confirms that these statements in the RFC
do apply to expired RRSIG's in the cache.

You might want to address these questionsto dnsop/dnsex since this
is more a queastion about the RFC then something bind specific.

jaap
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: Best practize to store the ZONE files

2011-01-03 Thread Kevin Darcy

It's really more of an OS tuning question, isn't it?

The usage pattern of a BIND instance is:
a) not much writing of master zone files or journal files unless Dynamic 
Update is enabled and the frequency of updates is relatively high,
b) not much writing of slave/stub zone files or journal files, unless 
the zones have aggressive REFRESH settings and frequent updates
c) not much reading of zone files except at startup or restart/reload, 
or possibly whenever writes occur, to read the zone data back into memory


Now, given the usage pattern(s), how best to tune performance, based on 
the capabilities/limitations of the underlying OS and hardware? Same 
partition and/or filesystem versus separate partitions and/or 
filesystems? A different type of filesystem? Is the disk storage RAIDed? 
Striped? Mirrored? Is a journaling filesystem in use?


Older filesystems used to run into performance problems when directories 
got really large, so some folks used to split up their zones by the 
initial letter of the zone name, e.g. zonefiles/a/aardvark.com, 
zonefiles/b/beetlebomb.com. I don't know if that's still an issue with 
modern filesystems though. We've never had more than a few thousand 
zones, with relatively rare restarts/reloads, and most of the zones not 
changing very frequently, so we haven't noticed any problems, and 
haven't resorted to any special setup for storing zone files.


It occurs to me that the journal zone-level option in modern versions 
of BIND could theoretically be used to group all of the journal files 
into a separate filesystem/slice/partition, which might be better tuned 
for frequent updates, than the zone files themselves, which would change 
relatively infrequently. I haven't tested this theory though...




- Kevin


On 12/31/2010 12:24 AM, Michelle Konzack wrote:

Hello *,

I am hosting on my 6 NameServers 200.000 Domains and now in the meantime
it becomes  complicate  because  they  are  arround  230.000  files  now
including sub domains.

There are currrently 18 TLs.

My Question is:

 How do you handel such amount of files and where is the best
 place to store them on a Debian System (Lenny/Squeeze).

 Do you recommend to store it on a seperated partition, even
 if they have currently only arround 87 MByte?

Thanks, Greetings and nice Day/Evening
 Michelle Konzack



___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users