suggetsed distro for Bind
Carlos Horowicz
carlos at planisys.com
Wed Jul 23 13:10:07 UTC 2025
I’m not sure if a container will pass through the CPU instruction set
required to leverage hardware acceleration on newer (or even not-so-new)
Intel processors. In KVM, for example, you have to enable it explicitly.
One way to check for supported instructions is:
grep -o -w 'aes\|sha_ni\|pclmulqdq\|rdseed\|rdrand\|avx\|avx2\|avx512'
/proc/cpuinfo | sort | uniq
Hardware acceleration can be beneficial if you’re running a resolver
that performs a lot of DNSSEC validation—SHA_NI in particular can speed
up operations involving DS/NSEC/NSEC3 records. That said, if you’re only
running an authoritative server or a small-scale resolver, crypto
acceleration may not be critical.
Fwiw, my preferred distro for running BIND9 is Debian 12—it includes
dnstap support out of the box.
On 23/07/2025 14:57, Marc wrote:
> Maybe consider running it in a container and keeping nice and small with alpine linux
>
>> I'd like to migrate from bind 9.11 lo last version.
>> This service is acting as cache dns server and It' running on Centos 7
>> server, what Linux distro do you suggest me for new Bind?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250723/af045948/attachment-0001.htm>
More information about the bind-users
mailing list