[6034] in Release_7.7_team
Re: 9.4 patch release plans
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Jul 24 14:59:11 2008
From: Greg Hudson <ghudson@MIT.EDU>
To: Jonathon Weiss <jweiss@mit.edu>
Cc: release-team@mit.edu
In-Reply-To: <200807241827.m6OIRqju005314@wax-lion.mit.edu>
Content-Type: text/plain
Date: Thu, 24 Jul 2008 14:58:33 -0400
Message-Id: <1216925913.12433.23.camel@error-messages.mit.edu>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Spam-Flag: NO
X-Spam-Score: 0.00
On Thu, 2008-07-24 at 14:27 -0400, Jonathon Weiss wrote:
> I was going to suggest that we talk to netops before killing off the
> caching named on athena machines, then I saw the performace issue
> discussion on -c consult, and suggest it even more. :-)
Ordinarily I would consider this a non-issue; it's a couple thousand
machines out of tens of thousands, and the speed of server machines has
increased much faster than the campus DNS load over the past decade.
However, if the port randomization changes are already causing load
issues on the caching named, we probably don't want to add additional
load at this time. And as Andrew notes, we can get slightly better
security from a local caching named than we can from the libc stub
resolver.
So, let's import the latest BIND and remove the stub zone from its
configuration. Again, I'd like to help one of Andrew or Bob do this
work rather than doing it myself, for transition reasons.
