<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"><meta http-equiv="Content-Type" content="text/html charset=utf-8"><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi Filho,<div class=""><br class=""></div><div class="">We have used bind as a server for many years in a VM with a single CPU and 2 Go RAM with almost default settings.</div><div class=""><br class=""></div><div class="">Here is the options of our config</div><div class=""><br class=""></div><div class=""><div class="">options {</div><div class=""><span class="Apple-tab-span" style="white-space:pre">    </span>directory "/var/lib/named";</div><div class=""><span class="Apple-tab-span" style="white-space:pre">     </span>managed-keys-directory "/var/lib/named/dyn/";</div><div class=""><span class="Apple-tab-span" style="white-space:pre">   </span>zone-statistics yes;</div><div class=""><span class="Apple-tab-span" style="white-space:pre">      </span>statistics-file "/var/lib/named/log/named.stats";</div><div class=""><span class="Apple-tab-span" style="white-space:pre">       </span>dump-file "/var/log/named_dump.db";</div><div class=""><span class="Apple-tab-span" style="white-space:pre">     </span>forwarders { x.x.x.x; x.x.x.x; };</div><div class=""><span class="Apple-tab-span" style="white-space:pre"> </span>listen-on port 53 { 192.168.4.160; };</div><div class=""><span class="Apple-tab-span" style="white-space:pre">     </span>allow-query { any; };</div><div class=""><span class="Apple-tab-span" style="white-space:pre">     </span>notify yes;</div><div class=""><span class="Apple-tab-span" style="white-space: pre;">     </span>allow-transfer { 10.91.76.0/24; 192.168.1.0/24; 192.168.2.0/24; 192.168.3.0/24; 192.168.4.0/24; };</div><div class=""><span class="Apple-tab-span" style="white-space:pre">        </span>empty-zones-enable no;</div><div class=""><span class="Apple-tab-span" style="white-space: pre;">  </span>recursive-clients 20000;</div><div class=""><span class="Apple-tab-span" style="white-space:pre">  </span>tcp-clients 20000;</div><div class="">        check-names master ignore;</div><div class="">        check-names slave ignore;</div><div class="">        check-names response ignore;</div><div class="">};</div></div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">The server is used in a MAN network in Switzerland, for more than 10’000 computers.</div><div class="">8 to 10 millions query per day without any performance issue.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">Best regards</div><div class="">Stefano</div><div class=""><br class=""></div><div class=""><br class=""><div class=""><blockquote type="cite" class=""><div class="">On 22 Mar 2017, at 05:21, Filho Arrais <<a href="mailto:kuruminbranco@gmail.com" class="">kuruminbranco@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class="gmail_default" style="font-family:verdana,sans-serif;color:rgb(51,51,51)"><div class="gmail_default" style="color:rgb(34,34,34)">Hello,<br class=""></div><div class="gmail_default" style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12px"><div class="gmail_default"><font face="verdana, sans-serif" class=""><br class=""></font></div><div class="gmail_default"><font face="verdana, sans-serif" class="">I have a 9.9.5 recursive bind server running on Debian 8 at an internet provider. The peak reaches 3,000 queries, that number will be much greater when we put more customers to use dns.</font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""><br class=""></font></div><div class="gmail_default"><font face="verdana, sans-serif" class="">Please could suggest bind adjustments, security tips, and kernel improvements for better performance. Any tip for improvement is welcome. Currently we do not serve IPv6, but we will be in production soon.</font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""><br class=""></font></div><div class="gmail_default"><font face="verdana, sans-serif" class="">The server is a VM with 4 vcore and 4 gb of RAM, which can be upgraded, if necessary.</font></div></div><div class="gmail_default" style="color:rgb(34,34,34)"><br class=""></div><div class="gmail_default" style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12px"><font face="verdana, sans-serif" class=""><b class="">/etc/bind/named.conf.options</b></font><br class=""></div><div class="gmail_default" style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12px"><font face="verdana, sans-serif" class=""><br class=""></font></div><div class="gmail_default" style="color:rgb(34,34,34)"><div class="gmail_default">options {</div><div class="gmail_default">        directory "/var/cache/bind";</div><div class="gmail_default">        version "unknown";</div><div class="gmail_default">        recursive-clients 10000;</div><div class="gmail_default">        tcp-clients 1000;</div><div class="gmail_default">        zone-statistics yes;</div><div class="gmail_default">        listen-on port 53 { any; };</div><div class="gmail_default">        allow-query     { any; };</div><div class="gmail_default">        allow-query-cache { any; };</div><div class="gmail_default">        minimal-responses yes;</div><div class="gmail_default">        dnssec-enable no;</div><div class="gmail_default">        dnssec-validation no;</div><div class="gmail_default">        auth-nxdomain no;</div><div class="gmail_default">        allow-recursion  {      127.0.0.1;</div><div class="gmail_default">                                <a href="http://177.0.0.0/18" class="">177.0.0.0/18</a>;</div><div class="gmail_default">                         };</div><div class="gmail_default">        recursion yes;</div><div class="gmail_default">};</div></div><div class="gmail_default" style="color:rgb(34,34,34)"><br class=""></div><div class="gmail_default" style="color:rgb(34,34,34)"><br class=""></div><div class="gmail_default" style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12px"><div class="gmail_default"><font face="verdana, sans-serif" class=""><b class="">/etc/default/bind9</b></font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""><br class=""></font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""># run resolvconf?</font></div><div class="gmail_default"><font face="verdana, sans-serif" class="">RESOLVCONF=yes</font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""><br class=""></font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""># startup options for the server</font></div><div class="gmail_default"><font face="verdana, sans-serif" class="">OPTIONS="-4 -u bind"</font></div><div class="gmail_default"><font face="verdana, sans-serif" class=""><br class=""></font></div></div></div><div class=""><div class="gmail_signature"><div dir="ltr" class=""><span class=""></span><span class=""></span>
<div class=""><span style="color:rgb(51,51,51)" class=""><span style="font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)" class=""><span style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13px;line-height:normal;font-family:arial,sans-serif;text-transform:none;text-indent:0px;letter-spacing:normal;word-spacing:0px;float:none;white-space:normal;background-color:rgb(255,255,255);display:inline" class="">-- </span><div style="font-style: normal; font-variant-ligatures: normal; font-variant-position: normal; font-variant-caps: normal; font-variant-numeric: normal; font-variant-alternates: normal; font-variant-east-asian: normal; font-weight: normal; font-size: 13px; line-height: normal; font-family: arial, sans-serif; margin: 0px; text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal;" class=""><b class=""><span style="font-family:verdana,sans-serif;font-size:8pt" class="">Filho </span></b><b class=""><span style="font-family:verdana,sans-serif;font-size:8pt" class="">Arrais  </span></b></div></span></span><p style="font-style:normal;font-variant:normal;font-weight:normal;font-size:13px;line-height:normal;font-family:arial,sans-serif;margin:0px;color:rgb(34,34,34);text-transform:none;text-indent:0px;letter-spacing:normal;word-spacing:0px;white-space:normal;font-stretch:normal" class=""></p></div></div></div></div>
</div>
_______________________________________________<br class="">Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" class="">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br class=""><br class="">bind-users mailing list<br class=""><a href="mailto:bind-users@lists.isc.org" class="">bind-users@lists.isc.org</a><br class=""><a href="https://lists.isc.org/mailman/listinfo/bind-users" class="">https://lists.isc.org/mailman/listinfo/bind-users</a></div></blockquote></div><br class=""></div></body></html>