Re: Performance tuning

2012-11-28 Thread Carsten Strotmann 
Adamiec, Lawrence ladam...@kentlaw.iit.edu writes:

Hello Lawrence,

you problems might not be related to the configuration of your DNS
Server software (BIND), but it can be related to your internal name
resolution inside your organisation (forwarders, caches, mixed
caching/authoritative DNS etc). 

Do you see the speed difference on the two websites (URLs for the
Websites) from within your organisation, or when using an outside
view (from home etc)?

Of course we here in this mailing list can only have the look from
outside, and that looks ok.

Optimizing an internal DNS name resolution infrastructure requires
someone that has knowledge on  all possible name lookup path in a
network (DNS, WINS, NetBT ...) and a good DNS knowledge. 

I would recommend to get an expert onsite for an DNS audit if you see
the performance problem inside your organizations network. The BIND
configuration is usually not the issue.

Best regards

Carsten Strotmann 

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: truncated responses vs. minimal-responses?

2012-11-28 Thread Matus UHLAR - fantomas 

last few weeks I have seen many discussions over UDP truncating and using
minimal-responses yes; to prevent BIDN from doing that.

I've read article stating that nameserver should avoid truncating packets
even by skipping additional and authority sections in its responses, which
should mean that using minimal-responses would not help.

However, I've seen a few mails mentioning that a query can get truncated
when the authority section is too big and advices to turn
minimal-responses
on.

Reading the 9.9.2 docs and even looking at the sources (I am not a C
coder)
did not help me with this.


On 27.11.12 17:41, Mike Hoskins (michoski) wrote:

It seems it should help...  less bits in the packet relating to additional
and authority should leave room for other data.


OTOH, some of the data may be needed (later), and adding them into response
may avoid need for another request.


That said, I think the better way (when possible) is to adjust RRs not to
return too much data (e.g. NS, A, etc. not returning more than ~8 hosts
-- which in turn could be multicast, load balanced, etc to get the desired
scale).

Akamai, for example, defaults to limiting up to 8 RDATAs per RR (or
however you'd describe that).  If you add 20 As for a name you'll rotate
through 8 at a time.  You can request more at your own risk...they assume
you'll ensure the larger answer will fit in a UDP packet and not cause TCP
responses which cripple performance.


I know. But there are cases you just have much of data in the DNS and what I
am asking is, if BIND really does skip authority section, if it helps to
avoid sending truncated packets.

If it does, the minimal-responses does NOT affect packet truncation. if it
does not, I ask why...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users