dnsmasq vs. bind

Brian Kelsay bkelsay at comcast.net
Sat Feb 7 15:34:16 CST 2004 

Shayne Patton wrote:

> Jonathan Hutchins wrote:
> 
>> On Friday 06 February 2004 07:12 pm, Shayne Patton wrote:
>>
>>  
>>
>>> I was just wondering if any of you have any experience with dnsmasq.    

>> As far as scaling goes, you want very fast RAM - for larger networks a 
>> dedicated appliance probably works better.  For a moderate size 
>> office, up to say half a class C, a 200MHz Pentium should be adequate.
>>
>>
>>  
>>
> Thank you for the response.  I know what hardware i need to run, rather 
> what hardware I have to work with and to what extent it will scale and i 
> have a 300mhz for the firewall/router machine which i will probably run 
> the dns on as well.  What I was referring to was an actual alternative 
> to BIND or Berkley's dns, or (4give the usage :-) ) windows dns.  
> http://thekelleys.org.uk/dnsmasq/doc.html & 
> http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=148819 
> .  I don't need anything HUGE, but enough to handle (w/ relative ease) 
> up to 50 clients.  I know the hardware is up to it because I did it with 
> bind (actually only 34 clients that time) and even 2kserver, though I 
> had more ram at that point.
> 

Dude, one of the firewall distros (like IPCOP) that is installed to HDD 
can run DNS for a couple of thousand PCs in a fairly hefty network.  For 
the 50 PCs in your net it should be fine.  I run IPCOP on a 166 w/ 64MB 
ram, but I have fewer machines.  That one box can run quite a few 
services.  The only thing that is a little slow is the config web page 
for it.  And that is mainly when pulling up IDS logs.  I have never 
heard of DNSmasq before you brought it up, but someone here runs djbdns 
and tinydns for the number of PCs you are talking about.  When I worked 
for the city of KCMO, they had a Redhat 6.0 box doing DHCP (P-I 200 
128MB ram) and another (P-II 300 128MB) running DNS.  THey had approx. 
4000 PCs.  But they were running BIND.  Reason I mention IPCOP is that 
it is basically RedHat 7.3 stripped to bare minimum for cli use, I think 
it uses BIND for DNS and it does IDS w/ SNORT, filtering w/ iptables, etc.

-- 
----------------------------------------------
Somewhere there is a village missing an idiot.

More information about the Kclug mailing list