suggetsed distro for Bind

Carlos Horowicz carlos at planisys.com
Wed Jul 23 13:46:55 UTC 2025 

Well I meant you can run docker containers inside a vm with qemu 
emulated hardware, that'd be the bad scenario ...you're right containers 
on bare-metal have full visibility of the Instruction set

On 23/07/2025 15:19, Ondřej Surý wrote:
> Docker/Podman is just a container, not *-virtualization platform, so 
> there’s full access to the underlying hardware.
> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do 
> not feel obligated to reply outside your normal working hours.
>
>> On 23. 7. 2025, at 15:10, Carlos Horowicz via bind-users 
>> <bind-users at lists.isc.org> wrote:
>>
>> 
>>
>> I’m not sure if a container will pass through the CPU instruction set 
>> required to leverage hardware acceleration on newer (or even 
>> not-so-new) Intel processors. In KVM, for example, you have to enable 
>> it explicitly.
>>
>> One way to check for supported instructions is:
>>
>> grep -o -w 
>> 'aes\|sha_ni\|pclmulqdq\|rdseed\|rdrand\|avx\|avx2\|avx512' 
>> /proc/cpuinfo | sort | uniq
>>
>> Hardware acceleration can be beneficial if you’re running a resolver 
>> that performs a lot of DNSSEC validation—SHA_NI in particular can 
>> speed up operations involving DS/NSEC/NSEC3 records. That said, if 
>> you’re only running an authoritative server or a small-scale 
>> resolver, crypto acceleration may not be critical.
>>
>> Fwiw, my preferred distro for running BIND9 is Debian 12—it includes 
>> dnstap support out of the box.
>>
>> On 23/07/2025 14:57, Marc wrote:
>>> Maybe consider running it in a container and keeping nice and small with alpine linux
>>>
>>>> I'd like to migrate from bind 9.11 lo last version.
>>>> This service is acting as cache dns server and It' running on Centos 7
>>>> server, what Linux distro do you suggest me for new Bind?
>> -- 
>> Visit https://lists.isc.org/mailman/listinfo/bind-users to 
>> unsubscribe from this list
>>
>> ISC funds the development of this software with paid support 
>> subscriptions. Contact us at https://www.isc.org/contact/ for more 
>> information.
>>
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250723/52b05315/attachment.htm>

More information about the bind-users mailing list