Bind - one pc, two ips, two dns servers

Christopher Chan christopher.chan at
Mon Dec 1 06:55:42 UTC 2008

Res wrote:
> On Mon, 1 Dec 2008, Christopher Chan wrote:
>>> I know exactly who you are Chris (from another list) and have done for
>> Oh really? I don't really mind if you 'expose' me. Go on. I'd like to
>> know if I am who you think I am because I don't remember exchanging
>> emails with you...
> From the inter7 lists, and no, I don't use this address on it, I used a 
> company based email there.

Oh, hahaha, I've only posted there a few times...nah, you wouldn't 
'know' me...I have gone by other names on CentOS and qmail and others.

>> Oh, yeah there is a problem...with BIND. Nothing out there beats DJB's
> Yes I've seen you on the qmail list or was it in qmail newsgroup as well, 
> I know you're a fan of Daniel's software :)

Fan? FAN? You'd have to drug me like what them criminals do to child 
soldiers to get me to run qmail on a frontline mailserver. But I will 
have issues with people coming out with blanket statements about the 
quality of code that DJB has put into the public domain now.

>> dnscache and I don't think that has changed in the last three years
> like qmail never changed by DJB since 2001, reason why most moved away to 
> postmix :)

Don't tell me you are an exim fanboy and so you have to diss postfix ;-)

>> after I left my job at a service provider. I am more than certain that
>> dnscache on a HP DL360 with 4G of RAM would be able to handle all the
>> mailservers (see below)
> It could, if you can do 24K on less, then it would, we just use a local 
> bind caching only with forward first to the main DNS cache servers, saves 
> little I know but oh well.

I don't really understand the reasoning behind having a local 
dnscache...yeah, no more network latency but when I can put 200 more 
instances by moving dnscache out...oh well.

>> :-). 4 sets of servers banging away at 4 dnscache boxes. So really just
>> twenty-something frontline mailservers. Total 200 million smtp
>> transactions handled daily with 40 million mailboxes. Three years ago.
> Yes I know, that spam infested place :) or was that before you went to 
> the service provider?

Well that spam infested place is doing everybody a favour by feeding a 
lot of the commonly used and accurate lists such as rhsbl, spamhaus 
(indirectly through cbl) with spam sources and therefore indirectly 
keeping spam out of your mailboxes if you use cbl, spamhaus, rhsbl and 
others. But please don't remind me of all the bounce floods I had to 
deal with back then when that service provider's domains were forged by 
spammers seeking revenge.

>> Nope, I needed the cpu cycles and them mailserver boxes used to have
>> their own local dns cache chewing up 15% of all cpu when the boxes were
>> fully loaded but with only 600 connections setup.
> I take it the hardware is same as DNS? we use 1K concurrent limit on same 
> hardware, bloody spamassassin is the load whore :) MTAs rarely go 
> above 1 at full load, even anti virus ups it to only 2, SA sends it to 
> 5-7, even 9 on some machines.

Heh. Yes, you hit the nail on the frontline hardware. No SA. Not 
possible. They had SA and amavisd-new on other boxes...two/three stage 
setup. Yeah, a real resource hungry beast, SA.

>> You'd have to work in an environment where you don't get new hardware
>> and have to squeeze every last drop of juice from your available
> Oh I have trust me :) But where I am now affords me the luxury of modern 
> equipment, without fighting the directors tooth and nail for approval,
> "get what you want when you want, but make sure if we randomly ask you 
> why, you can justify it"  I'm liking the new dl785 but I don't think "I 
> needed a faster desktop" would really cut it :)

Good for you! I am now in a school where I have a chance to replace 
Windows desktops with Linux ones (Promethean, you BETTER DELIVER on 
Linux Activstudio in January!!!) and hopefully set up a video studio and 
loads more :-D. Oh, I also get to laugh at others who are trying to 
set up a mail service for maybe 20-25k accounts.

