On Sun, Feb 16, 2014 at 9:06 AM, /dev/rob0 r...@gmx.co.uk wrote:
On Sun, Feb 16, 2014 at 07:38:37AM +0100, Oliver Rath wrote:
did somebody some speed comparison tests for the dns caching
functionality between dnsmasq and unbound (http://unbound.net/)?
Compare apples to apples. You're not doing that.
Dnsmasq is a DNS forwarder. Unbound is a DNS resolver. Unbound
actually does the work of accepting recursive queries and then
performing the iterative queries to find the answer.
To be mildly more clear, DNSmasq is a caching forwarder,
(although I just discovered caching is turned off in ubuntu's implementation)
While not a recursing resolver, it can be configured as a primary dns server
for a small set of (sub)domains easily.
The fact that it caches, however, is very important.
Dnsmasq simply hands off these queries to a backend resolver, such as
BIND named or unbound. Accordingly, I'd expect dnsmasq to be faster,
but noting that the comparison is meaningless.
Ive read that unbound is the fastest dns caching server including
dnssec support, but I could imagine, that dnsmasq has the same
speed (or better).
I've read a lot of things on the Internet. Some of them might have
been true. Unqualified claims of speed are usually bogus. Such
claims are especially difficult to establish in the realm of DNS,
because your apparent speed is largely dependent upon random third
parties' servers and the speed of their Internet connections.
Do you have a link to these speed studies? I'd like to see them.
Unbound is the new standard dns caching server in FreeBSD 10 and
replaces bind.
IIUC that's only partly true. BIND is a complete DNS implementation,
whereas unbound is only a caching resolver. Those who are serving
authoritative DNS to the world also need an authoritative DNS server
such as BIND named or NLNetLabs' NSD.
Note, best practice usually demands separation of authoritative DNS
service from recursive service. Unbound/NSD were began with this
understanding, whereas BIND has roots going back to the very
beginnings of DNS.
(The fact that named can do it all in one notwithstanding, this is
not what ISC recommends. But it is a convenience for some small,
internal-only sites, where that might override security concerns.)
Just for interest.
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if /dev/rob0 is in the Subject:
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss