Best use of caching DNS servers

2006-06-07 Thread Ramprasad
We have an array of 8 load balanced Linux boxes running Spamassassin
with peak traffic up to 20k mails per hour per server.

How do I make optimum use of DNS caching? Currently I am using BIND as
caching DNS server on each machine. Would it be better if I have a central
DNS server? That way the DNS cache hit rate will increase dramatically, but
could also bog the DNS server down with too many requests.
Also, which is the best caching nameserver I can use on Linux?


Thanks
Ram



Re: Best use of caching DNS servers

2006-06-07 Thread Jeff Chan
On Wednesday, June 7, 2006, 1:50:49 AM, Ramprasad Ramprasad wrote:
> We have an array of 8 load balanced Linux boxes running Spamassassin
> with peak traffic up to 20k mails per hour per server.
>
> How do I make optimum use of DNS caching? Currently I am using BIND as
> caching DNS server on each machine. Would it be better if I have a central
> DNS server? That way the DNS cache hit rate will increase dramatically, but
> could also bog the DNS server down with too many requests.
> Also, which is the best caching nameserver I can use on Linux?

Hi Ram,
Presumably you're asking about DNS caching of RBL and SURBL DNS
queries, at perhaps a few million queries per day.

A couple different ways to organize this would be to centralize
the queries onto a server or two, or to decentralize them onto
each local server as now.

In terms of query performance, BIND would have no problem either
way, but getting the zone files locally and running rbldnsd
instead of BIND would be vastly more efficient.  rbldnsd runs
much smaller in memory, and uses much less cpu than BIND, so it's
preferred in this application.  (It's what rbldnsd was designed
for, whereas BIND is more of a general purpose nameserver.  BIND
has lots of features, arguably way too many in this application.)

As you suggest, you will get higher cache hit rates with a
centralized server, at the cost of some LAN traffic.  But a
few million DNS queries per day over a LAN is probably
insignificant.

Given that the BL zone files are pretty large, I'd recommend a
centralized server running rbldnsd.  That way you're not using up
a lot of memory for BLs across many boxes.  rbldnsd is so efficient
that you could probably just pick some existing server that has
enough memory and choose it to be your rbldnsd server.  You don't
need a new box; any old server with enough memory will work.

(What is enough memory depends on which BLs and other
applications you run locally.  The BLs probably take up no more
than a few hundred MB.)

More howtos and faqs about setting up rbldnsd, etc., are at:

  http://www3.surbl.org/rsync-signup.html

Jeff C.
-- 
Jeff Chan
mailto:[EMAIL PROTECTED]
http://www.surbl.org/
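
Added example, not part of the thread and not code from any poster: a small simulation of the cache-hit trade-off discussed above, replaying one query stream against 8 per-box caches and against one shared cache. It models plain TTL caching only (not rbldnsd serving local zone files); the 1/rank name popularity, 300 s TTL, 35 queries/s and random load balancing are all constructed assumptions.

```python
import random


def simulate(n_servers=8, n_queries=200_000, n_names=50_000,
             ttl=300.0, qps=35.0, seed=1):
    """Replay one query stream against per-box caches and one shared cache.

    Returns (local_hit_rate, central_hit_rate).
    """
    rng = random.Random(seed)
    # Constructed workload: name popularity falls off as 1/rank (Zipf-like).
    weights = [1.0 / rank for rank in range(1, n_names + 1)]
    stream = rng.choices(range(n_names), weights=weights, k=n_queries)

    local = [{} for _ in range(n_servers)]  # one cache per box: name -> expiry
    central = {}                            # single shared cache
    local_hits = central_hits = 0

    for i, name in enumerate(stream):
        now = i / qps                          # evenly spaced arrivals
        box = local[rng.randrange(n_servers)]  # load balancer picks a box

        if box.get(name, 0.0) > now:
            local_hits += 1
        else:
            box[name] = now + ttl  # miss: resolve upstream, cache until TTL

        if central.get(name, 0.0) > now:
            central_hits += 1
        else:
            central[name] = now + ttl

    return local_hits / n_queries, central_hits / n_queries


if __name__ == "__main__":
    local_rate, central_rate = simulate()
    print(f"per-box caches: {local_rate:.1%} hits")
    print(f"central cache:  {central_rate:.1%} hits")
```

Every miss is a query sent upstream, so the gap between the two rates is the extra outbound DNS load the per-box layout generates for the same mail volume.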



Re: Best use of caching DNS servers

2006-06-07 Thread Ramprasad

> As you suggest, you will get higher cache hit rates with a
> centralized server, at the cost of some LAN traffic.  But a
> few million DNS queries per day over a LAN is probably
> insignificant.
>
> Given that the BL zone files are pretty large, I'd recommend a
> centralized server running rbldnsd.  That way you're not using up
> a lot of memory for BLs across many boxes.  rbldnsd is so efficient
> that you could probably just pick some existing server that has
> enough memory and choose it to be your rbldnsd server.  You don't
> need a new box; any old server with enough memory will work.

Will rbldnsd be efficient when I am using DNS forwarding for some zones?
E.g., we have a local nameserver serving zones like
sbl-xbl.spamhaus.org. (This local nameserver is actually an rbldnsd server
running on port 530.)

Thanks
Ram