Re: Suitability of LDAP as DNS backend - PowerDNS LDAP backend moving to unmaintained status
> I just wanted to add that according to many testimonies, like:
> https://lists.isc.org/mailman/htdig/bind-users/2011-February/082814.html, BIND9
> with LDAP over DLZ has a very low performance, making it unsuitable for
> production systems, which is not the case with PowerDNS.

I, too, read that before we rolled out our DNS cluster, but when we came to
trying it ourselves, we got completely different results, or perhaps, acceptable
results. Sure LDAP+DLZ was not quite as fast as BDB+DLZ, but the latter had so
many troubles it was not worth it. We migrated from BDB+DLZ to LDAP+DLZ.
We now have one ldap-master, and 6 ldap+bind9+DLZ servers. (3+3 in two data
centers). We have had very few troubles with this setup. (troubles are related
to syncrepl). Authoritative only, no recursion. No servers in front. Since the
BIND+DLZ servers use slapd on localhost, they continue to function if isolated
(network troubles etc).
All DNS records are instantly updated, including DynDNS service. No restarts
ever required. We are very happy with this setup. Currently, it is hosting
150183 domains (not counting subdomains, or records).
A random host lookup responds in:
25ms, 1ms, 1ms.
Which is acceptable to us.
Lund
--
Jorgen Lundman | <lundman@lundman.net>
Unix Administrator | +81 (0)3 -5456-2687 ext 1017 (work)
Shibuya-ku, Tokyo | +81 (0)90-5578-8500 (cell)
Japan | +81 (0)3 -3375-1767 (home)