Re: [Dnsmasq-discuss] Speed comparison dnsmasq - unbound?
On Sun, Feb 16, 2014 at 07:38:37AM +0100, Oliver Rath wrote: did somebody some speed comparison tests for the dns caching functionality between dnsmasq and unbound (http://unbound.net/)? Compare apples to apples. You're not doing that. Dnsmasq is a DNS forwarder. Unbound is a DNS resolver. Unbound actually does the work of accepting recursive queries and then performing the iterative queries to find the answer. Dnsmasq simply hands off these queries to a backend resolver, such as BIND named or unbound. Accordingly, I'd expect dnsmasq to be faster, but noting that the comparison is meaningless. Ive read that unbound is the fastest dns caching server including dnssec support, but I could imagine, that dnsmasq has the same speed (or better). I've read a lot of things on the Internet. Some of them might have been true. Unqualified claims of speed are usually bogus. Such claims are especially difficult to establish in the realm of DNS, because your apparent speed is largely dependent upon random third parties' servers and the speed of their Internet connections. Do you have a link to these speed studies? I'd like to see them. Unbound is the new standard dns caching server in FreeBSD 10 and replaces bind. IIUC that's only partly true. BIND is a complete DNS implementation, whereas unbound is only a caching resolver. Those who are serving authoritative DNS to the world also need an authoritative DNS server such as BIND named or NLNetLabs' NSD. Note, best practice usually demands separation of authoritative DNS service from recursive service. Unbound/NSD were began with this understanding, whereas BIND has roots going back to the very beginnings of DNS. (The fact that named can do it all in one notwithstanding, this is not what ISC recommends. But it is a convenience for some small, internal-only sites, where that might override security concerns.) Just for interest. -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if /dev/rob0 is in the Subject: ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Speed comparison dnsmasq - unbound?
Hi Rob, thank you for the extensive clarification of the disparity between dnsmasq and unbound. It wasnt clear to me that there are so big differences. Tfh! Oliver Am 16.02.2014 15:06, schrieb /dev/rob0: [..] ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Speed comparison dnsmasq - unbound?
On Sun, Feb 16, 2014 at 9:06 AM, /dev/rob0 r...@gmx.co.uk wrote: On Sun, Feb 16, 2014 at 07:38:37AM +0100, Oliver Rath wrote: did somebody some speed comparison tests for the dns caching functionality between dnsmasq and unbound (http://unbound.net/)? Compare apples to apples. You're not doing that. Dnsmasq is a DNS forwarder. Unbound is a DNS resolver. Unbound actually does the work of accepting recursive queries and then performing the iterative queries to find the answer. To be mildly more clear, DNSmasq is a caching forwarder, (although I just discovered caching is turned off in ubuntu's implementation) While not a recursing resolver, it can be configured as a primary dns server for a small set of (sub)domains easily. The fact that it caches, however, is very important. Dnsmasq simply hands off these queries to a backend resolver, such as BIND named or unbound. Accordingly, I'd expect dnsmasq to be faster, but noting that the comparison is meaningless. Ive read that unbound is the fastest dns caching server including dnssec support, but I could imagine, that dnsmasq has the same speed (or better). I've read a lot of things on the Internet. Some of them might have been true. Unqualified claims of speed are usually bogus. Such claims are especially difficult to establish in the realm of DNS, because your apparent speed is largely dependent upon random third parties' servers and the speed of their Internet connections. Do you have a link to these speed studies? I'd like to see them. Unbound is the new standard dns caching server in FreeBSD 10 and replaces bind. IIUC that's only partly true. BIND is a complete DNS implementation, whereas unbound is only a caching resolver. Those who are serving authoritative DNS to the world also need an authoritative DNS server such as BIND named or NLNetLabs' NSD. Note, best practice usually demands separation of authoritative DNS service from recursive service. Unbound/NSD were began with this understanding, whereas BIND has roots going back to the very beginnings of DNS. (The fact that named can do it all in one notwithstanding, this is not what ISC recommends. But it is a convenience for some small, internal-only sites, where that might override security concerns.) Just for interest. -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if /dev/rob0 is in the Subject: ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss -- Dave Täht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Speed comparison dnsmasq - unbound?
Hi list, did somebody some speed comparison tests for the dns caching functionality between dnsmasq and unbound (http://unbound.net/)? Ive read that unbound is the fastest dns caching server including dnssec support, but I could imagine, that dnsmasq has the same speed (or better). Unbound is the new standard dns caching server in FreeBSD 10 and replaces bind. Just for interest. Regards Oliver ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss