Maintained by: NLnet Labs

[Unbound-users] stub zone and authoritative answers

Ondřej Surý
Fri Oct 9 00:44:11 CEST 2009


> But As far as I know NSD doesn't have a cache, so under heavy load
> NSD will load disk. I have plenty of zones, so I want to protect my
> authoritative servers from burst of requests, ddos and so on.

That's very wrong thinking. I don't have hard numbers, but from design
POV I guess nsd will be faster, since it does have much simpler data
structures - all data are static and lookup algorithms could be very
optimal.

Anyway I don't know what zone do you have, but people (here) run
authoritative server for root and TLD zones and don't have problems
with "burst of requests, ddos and so on".

Ondrej
-- 
Ondřej Surý <ondrej at sury.org>
http://blog.rfc1925.org/