Matthias Leisi wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Douglas Otis schrieb:
Although the 64 bytes needed for reversed IPv6 address names impacts
reverse lookups, and schemes like rfc4025, returning an A record is not
a problem. The zone size for programs like rbldnsd will necessitate
additional servers.
A large DNSBL has in the area of 5 mio entries. CPU and I/O load should
not be a problem with IPv6 addresses.
One of the DSBL variants has around 11 million, and one of the SORBs
lists had 13m when I last looked. We have run with both CBL (5m
entries) and DSBL simultaneously, no problems.
Even when you combine them altogether into a single zone, where each
entry has its own A record, rbldnsd still behaves pretty nicely.
Our zone file is ~500mb, and we do several million queries per day, and
get sustained query rates of ~2-3 million/hour upon occasion. CPU is
still under ~5%.
Not a problem for reasonably modern hardware.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg