Re: response policy zones (rpz) and views - memory consumption

[Tony Finch]

Jiri Hromadka  wrote:
>
> Is there any way to reuse already loaded rpz zone in memory for other
> views ? I know in-view is not an option for rpz, using one master /
> slave zones has same memory effect.

Yeah, in-view would be perfect, if only :-)

You might try setting up a view that only does recursive resolution and
RPZ, and configure the per-client views to forward to the RPZ view.
It's probably also worth configuring a small cache size limit in the
per-client views to avoid too much duplication.

Self-forwarding won't have amazingly good performance but you only need to
worry about that if you are running at many thousands of queries per
second.

Tony.
-- 
f.anthony.n.finchhttps://dotat.at/
Forth, Tyne: North or northeast 3 to 5. Slight or moderate. Showers.
Good.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

response policy zones (rpz) and views - memory consumption

[Jiri Hromadka]

Hi,

 

I’ve read many archived mails here and I haven’t found solution / answer, so 
let me ask you guys.

I’m running Bind 9.11+ and using views for around 10 clients on single server, 
all clients has different settings and everything was working great, until 
we’ve decided to implement RPZ for them. We build single rpz zone file from 
opensource/paid sources and it contains more than 200k 
malicious/adware/phishing domains that we want our clients protect from. When 
we use this zone and set response policy for testing view, everything was 
working perfect and binds memory consumption has increased by ~100MB. However 
when we’ve set the same rpz zone any response policy for other views (we want 
all view has the same RPZ zone and policy), binds memory consumption has 
increased by ~100MB for each zone. This might be a problem in future when rpz 
zone file gets bigger.

Is there any way to reuse already loaded rpz zone in memory for other views ? I 
know in-view is not an option for rpz, using one master / slave zones has same 
memory effect.

 

Thank you for any advice.

Jiri

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users