restructuring/redesigning BIND (was Re: 9.2.5 db causes high cpu?)
brad at stop.mail-abuse.org
Tue Feb 22 09:50:31 UTC 2005
At 5:52 AM +0000 2005-02-22, Jim Reid wrote:
> This is a truly horrible idea. A better solution would be to produce
> two independent executables that can then be optimised for
> authoritative-only or caching-only operations.
I strongly disagree. If you were going to go that route, you
might as well ship djbdns and be done with it.
Paul seems to agree with your view on the subject regarding value
of separation of function, but seems to feel that there is no way we
could ever possibly get away from shipping a single binary that is
required to do it all.
Myself, I think I fall somewhere in the middle.
I have felt for many years that the functions should definitely
be kept completely separate, on separate instances of the software
preferably running on totally separate machines, but through
configuration management and not through the use of physically
That said, like Paul I feel I have to allow for people who have
various constraints put on them that require both functions to be
provided by the same instance of the same software running on the
same machine -- regardless of whether or not these constraints are
put on them by their own stupidity or by external forces.
> Algorithms and data
> structures can be specifically designed for one function instead of an
> unhappy compromise for both. The proof of the validity of that
> approach can be seen in the Nominum servers and NSD.
You warned me yourself against recommending that people use NSD
as a general purpose authoritative-only server. You said that they
threw out almost all of the things that you would want in an
authoritative-only server, and customized it so heavily for the
root/TLD server function that it was unsuitable for use as a
general-purpose authoritative-only server.
Have you changed your mind? Has NSD evolved to the point where I
can recommend that people throw away their authoritative-only BIND
installations and switch to a program that is likely to be at least
four times as fast on the same machine?
With regards to the ability to customize each server, algorithms,
and data structures for the specific task, that is an interesting
argument. I don't know anything about the internals of ANS versus
CNS and I presume that you do.
I would be very interested to learn more about the internals of
ANS and CNS, how they compare and contrast, what compromises you'd
have to make in terms of architecture, algorithms, and data
structures if you were to try to put them into the same program, and
what kinds of impacts those compromises would result in.
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the bind-workers