[93651] in North American Network Operators' Group
Re: DNS - connection limit (without any extra hardware)
daemon@ATHENA.MIT.EDU (Matt Ghali)
Sun Dec 10 16:15:50 2006
Date: Sun, 10 Dec 2006 13:14:15 -0800 (PST)
From: Matt Ghali <matt@snark.net>
To: Daniel Golding <dgolding@t1r.com>
Cc: nanog@nanog.org
In-Reply-To: <6E68E005-8FD1-45B3-9BBC-BB8D3BCCDE66@t1r.com>
Errors-To: owner-nanog@merit.edu
On Sun, 10 Dec 2006, Daniel Golding wrote:
> Folks should also look at some of the DNS appliances (I know, this is "extra
> hardware"). Although the usually run BIND, they tend to be fairly optimized
> and have extra management functionality that may help with the rate limiting
> (if not, its probably a feature request that the vendors would entertain
> rapidly, as there's some pretty intense competition). Some folks to talk to -
> Infoblox and Bluecat.
I'm not sure what you mean by "optimized" here, but I suspect that
the only part optimized is the user interface for configuring
per-client policies that still do not scale, but I would be glad to
be proven wrong.
> If you have really large DNS rate requirements, I'd
> consider talking to Nominum.
I agree with you there; but that's sort of a given :)
matto
--matt@snark.net------------------------------------------<darwin><
Moral indignation is a technique to endow the idiot with dignity.
- Marshall McLuhan
