On 11/10/2015 04:13, James wrote: > Howdy, > > So I now have (5) statics and a fiber feed, with lots of room to grow. > > I need to setup DNS primary/secondary systems on gentoo. So right now I'm > looking for a suggested list of packages to install with Bind, iptables and > DNSSEC-tools as these (2) gentoo dns servers will only run the minimum > packages to operate securely?
auth or cache? First of all, bind is a pain to use. Reason: it's actually a reference implementation that as usual got forced into production use. It's slower than it could be because it deals with every possible corner case per RFC. As an auth server (few queries) it's OK As a cache (many queries), there are better servers out there. I prefer unbound. > Also, what is the (nominal) minimum amount of RAM needed to keep all routes > in ram in these name servers? I don't understand. DNS servers don't keep routes in memory - routers do that. Perhaps you mean cached DNS records? DNS is light on RAM, there are only so many records typical users will look up. DNS caches not too long ago ran for years problem free with a puny few hundred MB. It's not something to be worried about. -- Alan McKinnon alan.mckin...@gmail.com