deploying DNS in large ISP

ray at doubleclick.net
Wed Jul 4 14:51:38 UTC 2001


On Wed, 4 Jul 2001, Brad Knowles wrote:

> At 7:45 PM -0700 7/3/01, Duane Powers wrote:
> 
> > I'm wondering if anyone is using a server farm/cluster for DNS?
> > How are the big guys doing it? Earthlink, AOL etc ...
> > What device can be run in front of the boxes to load balance
> > the traffic? Any help on this would be greatly appreciated.
> 
> When I set up the central caching farm at AOL, we used a set of
> four DEC Alpha 4100 machines, each with four processors and 4GB of
> RAM, and a separate copy of BIND 8  [...]

Hm, perhaps Mr. Powers was asking about authoritative nameservice (and
not caching resolvers)? I set up the authoritative DNS system for my
employer. We used a lot of smaller Sun systems (e.g. Netra T-1, E220R,
etc.) with stripped-down O/S and running a single instance of BIND
8.2.x per node; in front of each cluster of nameservers, we use a
hardware load-balancer capable of handling UDP "transactions". The
theory of operation: to use enough nodes per cluster, such that the
failure of 1 or even 2 nodes would not render the cluster unusable
(overloaded). So, each child node should be sized to handle 200% load,
with a minimum cluster size of 4 nodes.

At first we tried to use a software product like Resonate Central
Dispatch, but CD cannot load-balance UDP (so no good for DNS). Later,
we tested Alteon equipment, but for some reason could not get this to
work. Finally we settled on ArrowPoint CS-100/CS-200s (the company
has since been acquired by Cisco, you can get the CS-200 or CS-800
still, I believe). No problems with the CS-* series, except if you
don't like IOS. Make sure to keep up with the IOS updates!

We've deployed several of these clusters in geographically diverse
locations and they seem to be working well; this is comforting, as we
currently handle ~2 billion web transactions per day (peaking at 2.5
billion hits/day during the 2000 Olympics), which in conjunction with
short TTLs (15m, 1h, etc.) generate a healthy volume of DNS traffic.

You'll want to evaluate the CURRENT offerings from Cisco, Nortel,
etc. before deciding on a load-balancing solution, naturally. YMMV

--
Ray


