dnsmasq vs. bind
Brian Kelsay
bkelsay at comcast.net
Sat Feb 7 15:34:16 CST 2004
Shayne Patton wrote:
> Jonathan Hutchins wrote:
>
>> On Friday 06 February 2004 07:12 pm, Shayne Patton wrote:
>>
>>
>>
>>> I was just wondering if any of you have any experience with dnsmasq.
>> As far as scaling goes, you want very fast RAM - for larger networks a
>> dedicated appliance probably works better. For a moderate size
>> office, up to say half a class C, a 200MHz Pentium should be adequate.
>>
>>
>>
>>
> Thank you for the response. I know what hardware i need to run, rather
> what hardware I have to work with and to what extent it will scale and i
> have a 300mhz for the firewall/router machine which i will probably run
> the dns on as well. What I was referring to was an actual alternative
> to BIND or Berkley's dns, or (4give the usage :-) ) windows dns.
> http://thekelleys.org.uk/dnsmasq/doc.html &
> http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=148819
> . I don't need anything HUGE, but enough to handle (w/ relative ease)
> up to 50 clients. I know the hardware is up to it because I did it with
> bind (actually only 34 clients that time) and even 2kserver, though I
> had more ram at that point.
>
Dude, one of the firewall distros (like IPCOP) that is installed to HDD
can run DNS for a couple of thousand PCs in a fairly hefty network. For
the 50 PCs in your net it should be fine. I run IPCOP on a 166 w/ 64MB
ram, but I have fewer machines. That one box can run quite a few
services. The only thing that is a little slow is the config web page
for it. And that is mainly when pulling up IDS logs. I have never
heard of DNSmasq before you brought it up, but someone here runs djbdns
and tinydns for the number of PCs you are talking about. When I worked
for the city of KCMO, they had a Redhat 6.0 box doing DHCP (P-I 200
128MB ram) and another (P-II 300 128MB) running DNS. THey had approx.
4000 PCs. But they were running BIND. Reason I mention IPCOP is that
it is basically RedHat 7.3 stripped to bare minimum for cli use, I think
it uses BIND for DNS and it does IDS w/ SNORT, filtering w/ iptables, etc.
--
----------------------------------------------
Somewhere there is a village missing an idiot.
More information about the Kclug
mailing list