Re: [Pdns-users] Meltdown impact on PowerDNS/dnsdist
Am 06.01.2018 um 17:18 schrieb Michael Ströder: > bert hubert wrote: >> We have done some very tentative measurements on the Linux Meltdown >> workaround & impact on DNS performance. > > Besides the performance impact of the "fixes" doesn't this mean that > people should stop doing DNSSEC signing on-the-fly on the authorative > server and move DNSSEC signing to isolated systems? It depends on your DNS-usage. For static zones this is possible. But if you have somehow dynamic zones (e.g. geoDNS) then you usually use online-signing. regards Klaus ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] Meltdown impact on PowerDNS/dnsdist
bert hubert wrote: > We have done some very tentative measurements on the Linux Meltdown > workaround & impact on DNS performance. Besides the performance impact of the "fixes" doesn't this mean that people should stop doing DNSSEC signing on-the-fly on the authorative server and move DNSSEC signing to isolated systems? Ciao, Michael. smime.p7s Description: S/MIME Cryptographic Signature ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] Meltdown impact on PowerDNS/dnsdist
Hi everybody, We have done some very tentative measurements on the Linux Meltdown workaround & impact on DNS performance. Based on very early measurements we see around a 10% impact in queries per second for a UDP heavy workload. In addition, one largescale user of PowerDNS Authoritative Server on PostgreSQL suspects the performance problems they see coincided with the rollout of Meltdown workarounds, but we're still investigating. Finally, we did a writeup what Meltdown and specifically Spectre actually are, which you can find on https://ds9a.nl/articles/posts/spectre-meltdown/ We will keep you posted as we learn more! Bert ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
