Skip to main content

Ralsina.Me — Roberto Alsina's website

Dropping BIND, at least a little

One of my cus­tomers has about 15000 email ac­counts.

I use ex­ten­sive­ly RBLs to keep the un­want­ed con­nec­tions to a min­i­mum, and many oth­er spam de­tec­tion tech­niques, many of which in­volve DNS lookup­s. Plus all the lookups caused by the email of 15000 user­s.

It turns out that ac­cord­ing to our IS­P, we were one of the top ten DNS users in their net­work, and we were killing their server­s.

That got fixed, but it seems late­ly we were killing our own DNS server­s, too.

BIND would stop an­swer­ing to lookups ev­ery once in a while and had to be restart­ed. Since that was an­noy­ing, and the soft­ware was up to date, and there seemed to be noth­ing wrong with the con­fig­u­ra­tion, I did what I could think of, and start­ed look­ing for an al­ter­na­tive.

Pow­erDNS's re­cur­sor works well, is lighter, it's eas­ier, and works like a charm (but you re­al­ly should use their mul­ti­-­for­ward patch).

So, thumbs up for Pow­erDNS, and I am still keep­ing BIND for our au­thor­i­ta­tive zones, at least for a while, since that part seems to still be work­ing cor­rect­ly.

phone number lookup / 2011-12-03 22:22:

this is really interesting viewpoint on the subject i might add

cell phone lookup / 2012-01-17 05:52:


Your blog has the same post as another author but i like your better