[76] in Hesiod
How do I use hesiod efficiently?
daemon@ATHENA.MIT.EDU (Mark Rosenstein)
Thu Jan 2 13:47:11 1992
Date: Thu, 2 Jan 92 13:43:36 -0500
From: Mark Rosenstein <mar@MIT.EDU>
To: manson@magnus.acs.ohio-state.edu
Cc: greg@duke.cs.unlv.edu, rsw@eng.umd.edu, jh@efd.lth.se,
In-Reply-To: Bob Manson's message of Mon, 30 Dec 91 09:33:19 -0500 <9112301433.AA11273@bottom.magnus.acs.ohio-state.edu>

Bob points out a number of very valid shortcomings with Hesiod.
However his conclusion that it isn't suitable for large user databases
or setups with multiple servers is not true. Here at Athena, we have
10,000 users in our database (the total size of the ascii zone files
is 5 Meg). We also have three hesiod servers providing redundancy.

Database size is a problem. It takes about 10 minutes for named to
start up, so quick restarts are out of the question. And named grows
to 10 meg of memory. On a machine with only 16 Meg of swap space (so
we're running them on old hardware), this means that the process
cannot fork.

But we do not do zone transfers, for several reasons. They are
unnecessary, as the same system that generates the zone files (you
don't think we edit a database that large by hand, do you?)
distributes them to each of the hesiod servers. We do not want people
getting ahold of the list of all usernames for privacy/security
reasons. Finally, as people have pointed out, that part of named is
buggy.

However there is a solution for the large database problem, especially
if you are already running 3 or more hesiod servers. Partition the
database. One of the features of hesiod over systems like
yellow pages is that you can divide up the database. With three
servers, we divided up the database into 3 parts, and put 2/3 of it on
each server, so that we still have dual redundancy for each table.

Faster, easier updates are something we've thought about a little bit.
We could engineer a solution for hesiod, but the real problem is the
mailhub. If we don't have a way to change our oversized
/usr/lib/aliases file for sendmail quickly, we're not going to be able
to do instant user account updates anyway.

-Mark
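
The three-part, 2/3-per-server layout described in the message above, as an added sketch that is not part of the original message or of Athena's tooling. The server names, table sizes and the greedy balancing step are assumptions made for illustration; the script plans which tables each server would carry and checks what stays answerable when servers are down.

```python
# Added illustration: plan a partitioned Hesiod layout with two copies of each part.
# Server names and table sizes are constructed sample data, not Athena's real values.

SERVERS = ["hes1", "hes2", "hes3"]  # hypothetical server names
TABLE_KB = {  # constructed zone-file sizes in KB
    "passwd": 900, "pobox": 700, "filsys": 1600, "uid": 500,
    "group": 300, "gid": 200, "grplist": 600, "cluster": 200,
}

def partition(table_kb, n_parts):
    """Greedy balance: place the largest table into the currently smallest part."""
    parts = [[] for _ in range(n_parts)]
    sizes = [0] * n_parts
    for name, kb in sorted(table_kb.items(), key=lambda kv: (-kv[1], kv[0])):
        i = sizes.index(min(sizes))
        parts[i].append(name)
        sizes[i] += kb
    return parts

def placement(parts, servers, copies=2):
    """Put part i on servers i, i+1, ... (mod n) so every part has `copies` replicas."""
    held = {s: set() for s in servers}
    for i, part in enumerate(parts):
        for k in range(copies):
            held[servers[(i + k) % len(servers)]].update(part)
    return held

def available(held, down):
    """Tables that can still be answered while the servers in `down` are offline."""
    return set().union(*(tables for s, tables in held.items() if s not in down))

def load_kb(held, table_kb):
    """Zone data each server has to load, in KB."""
    return {s: sum(table_kb[t] for t in tables) for s, tables in held.items()}

if __name__ == "__main__":
    held = placement(partition(TABLE_KB, len(SERVERS)), SERVERS)
    total = sum(TABLE_KB.values())
    for server, kb in load_kb(held, TABLE_KB).items():
        print(f"{server}: {kb} KB of {total} KB -> {sorted(held[server])}")
    for server in SERVERS:
        missing = set(TABLE_KB) - available(held, {server})
        print(f"{server} down: missing tables = {sorted(missing) or 'none'}")
```

With three servers and two copies, any single outage leaves every table served, while losing two servers always takes one part offline.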