Bind9 - Tuning
Filho Arrais
kuruminbranco at gmail.com
Wed Mar 22 04:21:23 UTC 2017
Hello,
I have a 9.9.5 recursive bind server running on Debian 8 at an internet
provider. The peak reaches 3,000 queries, that number will be much greater
when we put more customers to use dns.
Please could suggest bind adjustments, security tips, and kernel
improvements for better performance. Any tip for improvement is
welcome. Currently we do not serve IPv6, but we will be in production soon.
The server is a VM with 4 vcore and 4 gb of RAM, which can be upgraded, if
necessary.
*/etc/bind/named.conf.options*
options {
directory "/var/cache/bind";
version "unknown";
recursive-clients 10000;
tcp-clients 1000;
zone-statistics yes;
listen-on port 53 { any; };
allow-query { any; };
allow-query-cache { any; };
minimal-responses yes;
dnssec-enable no;
dnssec-validation no;
auth-nxdomain no;
allow-recursion { 127.0.0.1;
177.0.0.0/18;
};
recursion yes;
};
*/etc/default/bind9*
# run resolvconf?
RESOLVCONF=yes
# startup options for the server
OPTIONS="-4 -u bind"
--
*Filho **Arrais *
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170322/18fd3534/attachment.html>
More information about the bind-users
mailing list