Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
Categories
There are no subcategories in this category.
1 prefetch performance in BIND 9.10 Featured

Our new feature Early refresh of cache records (cache prefetch) in BIND 9.1 unfortunately came with a design defect that was not spotted until recently, and which can cause performance degradation in some situations. If you are experiencing surprising and…

2 --with-tuning=large - about using this build-time option Featured

In BIND 9.10 (and earlier in the stable preview edition) we added a built-time option --with-tuning=large. This option allows operators to tune BIND for better performance in high-memory machines, by setting various constants and defaults to values more appropriate…

3 DNSSEC in 6 minutes! Featured

The original presentation written by Alan Clegg and as published on ISC's website was DNSSEC in 6 minutes. That article, along with a more recent presentation (taking advantage of improvements in automation and key management) are both made available here…

4 serial-query-rate, notify-rate and startup-notify-rate: how they impact zone transfers in different versions of BIND

serial-query-rate (default 20) is a rate-limiter, that has been used to for a long time to control both the rate of notifies and of zone refresh (SOA queries). Although the limit is expressed as a per-second rate, it is the actions that are being limited,…

5 Root hints - a collection of operational and configuration FAQs

This collection of FAQs (and links to other related articles) aims to de-mystify for new DNS administrators, what the root hints are and how they are used. What are the root hints? The root hints are a list of the servers that are authoritative for the root…

6 UDP Listeners - choosing the right value for -U when starting named

BIND 9.9.0 introduced a new feature to improve performance in multi-threaded environments, particularly those with a large number of processors. The reasons for this are documented here: Performance: Multi-threaded I/O (https://kb.isc.org/article/AA-00629)…

7 Refinements to EDNS fallback behavior can cause different outcomes in Recursive Servers

Recursive DNS Servers administrators have for many years been advised to ensure that both the servers that they are running and the network environments wherein those servers reside are RFC-compliant. This is to ensure the best possible outcome when handling…

8 Gathering Information on BIND9 Memory Usage

Some problems that can occur with a program are (relatively) easy to isolate. A log message may indicate what the server was doing when a crash occurred, or the stack trace printed when a crash occurs may point to a certain section of the code. However problems…

9 How do I answer for a specific hostname in a zone, but resolve all its other names normally?

Problem A common wish among many sites with internal-only nameservers is the desire on an otherwise caching-only resolver to override one (or more) single name[s] from the Internet. Suppose your company is "example.com" and your authoritative DNS is hosted…

10 Linux connection tracking and DNS

Question: My busy Linux-based nameserver is giving unreasonably slow responses. How do I know if Linux connection tracking is causing the problem I am having? Answer: If you are seeing slow responses and timeouts from your nameserver, check its kernel log…

1 2 3 Next