Thoughts on a large-scale DNS server...

John Von Essen john at essenz.com
Tue Jun 28 14:43:05 GMT 2005


I have been tasked with setting up a large-scale DNS server environment
(one ISP is taking over another ISP) and would greatly appreciate any
thoughts or experiences that could help me out.

In the end we will probably be doing authoritative DNS for 11,000 domains,
and another 200 or so in-addr.arpa address ranges for reverse resolution.

The plan is to have 3 core machines. One is the master, and gets its zone
files created from local CVS exports. The other two are slaves, and do
zone transfers from the master. The public will actually only talk to
these two slave DNS servers (NS1 and NS2). The machines themselves will be
a single 3 GHz Xeon, 1 GB of memory, and 70 GB RAID 1 U320 SCSI. For every
machine, we will have a standby machine waiting and ready.

The first question is, do I have enough CPU/memory? Keep in mind these
machines will do nothing but DNS.

Are there any performance issues with using regular filesystem directory
zone file storage? For example, we will have a very large named.conf file
with some 11,000 zone entries (I have never worked with a named.conf
file that big before). Those entries will just reference the local
filesystem, file "s/a/adam.com"; and so on.

The next big question is BIND8 or BIND9. I would like to take advantage of
threading in BIND9, but saw a previous post that BIND9 can have difficulty
working with BIND8 servers that were incorrectly set up, whereas BIND8 can
allow for a certain level of "external" incompetence.

And finally, Linux or FreeBSD, and if FreeBSD, 4 or 5?

Current staff (besides me) wants to run Debian Linux, but BIND9 pthreads
don't work in Linux; do they work in FreeBSD? I want to use FreeBSD just
because it is better overall with regards to TCP/IP.

The only performance numbers we got from the other ISP are that the existing
DNS servers use a constant 400 kbps (bits) of bandwidth.

Thanks in advance
John
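The hidden-master / public-slave layout described in the post, as an added example that is not code from the original message: a generator that turns an exported zone list into the master's and the slaves' named.conf, with the hashed "s/a/adam.com" file layout the post mentions. Everything else is assumed and not from the post: the master address 192.0.2.10 and slave addresses 192.0.2.11/.12 (RFC 5737 documentation ranges), the /var/named directory, the "m/" prefix used for the master's copy of the tree, and the sample zone list. The practitioner-relevant points it bakes in are that an authoritative-only server runs with recursion off, that zone transfers are denied globally and only the two slaves are allowed to AXFR from the master, and that zone names coming out of the export are validated before they are interpolated into a quoted `file` path, since a stray `"`, `;` or `../` in 11,000 lines of input would otherwise rewrite the config or the path.

```python
"""Generate named.conf for a hidden-master / public-slave authoritative setup.

Added example, not code from the original post. Assumptions (not in the post):
master 192.0.2.10, slaves NS1/NS2 at 192.0.2.11 and 192.0.2.12 (RFC 5737
documentation addresses), working directory /var/named, and a zone-file tree
with one subdirectory per first character of the zone name: "s/a/adam.com" on
the slaves (the post's own example path) and "m/a/adam.com" on the master
(the "m/" prefix is invented here).
"""
import re

MASTER_IP = "192.0.2.10"
SLAVE_IPS = ("192.0.2.11", "192.0.2.12")

# Constructed sample zone list; in the post this comes from a CVS export.
SAMPLE_ZONES = ["adam.com", "Example.NET.", "0.2.0.192.in-addr.arpa"]

# Strict zone-name syntax: letters, digits, hyphens, at least two labels.
# Anything else is refused so a bad line in the exported list cannot inject
# into named.conf ('"', ';', '{') or into the file path ('/', '..').
ZONE_RE = re.compile(
    r"^(?!-)[a-z0-9-]{1,63}(?<!-)(\.(?!-)[a-z0-9-]{1,63}(?<!-))+$")


def normalize_zone(zone):
    """Lower-case, strip the trailing dot, and refuse anything unsafe."""
    z = zone.strip().lower().rstrip(".")
    if len(z) > 253 or not ZONE_RE.match(z):
        raise ValueError(f"refusing zone name {zone!r}")
    return z


def is_valid_zone(zone):
    try:
        normalize_zone(zone)
        return True
    except ValueError:
        return False


def zone_path(zone, role):
    """Hashed layout: m/<first char>/<zone> on the master, s/... on slaves."""
    prefix = "m" if role == "master" else "s"
    return f"{prefix}/{zone[0]}/{zone}"


def find_duplicate_zones(zones):
    """BIND refuses to load a config with a duplicate zone statement;
    catch that at generation time instead of at restart."""
    seen, dups = set(), []
    for z in map(normalize_zone, zones):
        if z in seen:
            dups.append(z)
        seen.add(z)
    return dups


def zone_stanza(zone, role):
    if role == "master":
        body = ["    type master;",
                f'    file "{zone_path(zone, role)}";',
                "    allow-transfer { slaves; };"]   # only NS1/NS2 may AXFR
    else:
        body = ["    type slave;",
                f'    file "{zone_path(zone, role)}";',
                f"    masters {{ {MASTER_IP}; }};"]
    return "\n".join([f'zone "{zone}" {{', *body, "};"])


def generate_named_conf(zones, role):
    """Return the complete named.conf text for role 'master' or 'slave'."""
    if role not in ("master", "slave"):
        raise ValueError(f"unknown role {role!r}")
    dups = find_duplicate_zones(zones)
    if dups:
        raise ValueError(f"duplicate zones: {dups}")
    header = [
        "acl slaves { " + " ".join(f"{ip};" for ip in SLAVE_IPS) + " };",
        "options {",
        '    directory "/var/named";',
        "    recursion no;               // authoritative only",
        "    allow-transfer { none; };   // master zones override per zone",
        "};",
    ]
    stanzas = [zone_stanza(normalize_zone(z), role) for z in zones]
    return "\n".join(header + stanzas) + "\n"


if __name__ == "__main__":
    for r in ("master", "slave"):
        print(f"# ---- named.conf for {r} ----")
        print(generate_named_conf(SAMPLE_ZONES, r))
```

Run it once per role and diff the output against the previous export before installing it; the global `allow-transfer { none; }` means the public slaves never serve AXFR to anyone, while each master zone re-enables transfers for the `slaves` ACL only.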


More information about the freebsd-isp mailing list