RRL probably not useful for DNS IP blacklists, was Re: New Versions of BIND are available (9.9.4, 9.8.6, and 9.6-ESV-R10)

Simon Forster forster at spamteq.com
Mon Sep 23 21:41:19 UTC 2013


On 23 Sep 2013, at 19:24, Tony Finch <dot at dotat.at> wrote:

> Simon Forster <forster at spamteq.com> wrote:
>> 
>> As a matter of interest, if one had a DNSBL with 5.5 million entries
>> (i.e. 5.5 million IPs):
>> 
>> 1) What needs to be done to rewrite that to a BIND zone?
>> 2) What sort of machine would be required to load that zone?
>> 3) How long would it take to load into BIND?
> 
> I did a quick test. Generating and parsing the zone in text format took
> about 80s wall time; loading the raw zone file took 30s. In both cases
> named-checkzone used about 1.25GB RAM.

Excellent info. Thank you. What's the specs of the machine you're testing on?

TIA

Simon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130923/d0b99fa1/attachment.bin>


More information about the bind-users mailing list