[dns-operations] FYI-- Paul Vixie: ISC statement about BIND9's recent -P1 releases

Stefan Schmidt stefan.schmidt at freenet.ag
Mon Jul 28 19:59:07 UTC 2008


On Mon, Jul 28, 2008 at 12:48:29PM -0700, Sebastian Castro Avila wrote:
> Just for the record and impersonating Mauricio Vergara from NIC Chile,  
> we've been urging local ISP to upgrade their resolvers and one of the  
> biggest reported to us the same issue. They upgraded and the resolver  
> stopped to work due to the load, so they continued with the vulnerable  
> but working code.

Ok for the record, i think most of those people would be better of
switching from BIND9 to PowerDNS recursor. I did that back in 2006 and
whilst BIND9 played up regularly i did not have a single pdns_recursor
crash the whole time. Its absolutely worth it from an operators
perspective.

And again for the record:
Make them use loadbalancing [1] for their recursive DNS, its soo cheap and
easy. [2]

 Stefan

[1] http://www.linuxvirtualserver.org/
[2] http://kb.linuxvirtualserver.org/wiki/Building_Scalable_DNS_Cluster_using_LVS
-- 
panic("Oh boy, that early out of memory?");
2.2.16 /usr/src/linux/arch/mips/mm/init.c 



More information about the dns-operations mailing list