Yes, we have that many DNS requests hitting our servers (we are not experiencing any DoS but from legitimate user requests :-)

Furthermore, the DNS infrastructure timeouts are unacceptable in our scenario. Registering additional NS records is also unacceptable.

FYI: our primary DNS experiences cca. 4000 requests per second, secondary goes with cca. 3000 req/sec. Primary server is SUN Fire V480 with 16GB RAM, secondary is also SUN Fire V480 with 8GB RAM. Both servers are running Solaris 9 + BIND 9. Firewall is PIX 535, works like a charm.

Cheers

--- Jason Dixon <[EMAIL PROTECTED]> wrote:

> On Mon, 27 Aug 2007 05:03:40 -0700 (PDT), reje <[EMAIL PROTECTED]> wrote:
> > Hi there,
> >
> > I'm wondering is there a way to scale DNS service using OpenBSD's CARP and loadbalancing/pool features of pf ? How about hoststated(8) ? (as I know hoststated(8) doesn't support UDP right now)
>
> Is it really necessary to balance your DNS load across multiple servers? The DNS infrastructure was designed with redundancy in mind. Are you answering so many queries that it's necessary to spread the load across multiple servers behind the same virtual address? Seems very unlikely. DNS is a very low-overhead protocol; I would expect your firewall pool to suffer before your DNS servers.
>
> Sorry, I know this doesn't answer your question but it smells like you're over-engineering.
>
> --
> Jason Dixon
> DixonGroup Consulting
> http://www.dixongroup.net

