Verisign fun.

Sean Chittenden sean at
Thu Sep 18 11:58:32 PDT 2003

> We just moved from bind9 to djbdns, and we we were running djbdns
> previously so we had about 4 months under bind9.  I prefer djbdns
> but as we also moved to FreeBSD I trust it performs even better :-)

Don't get me wrong, I love djbdns's security record and its low
maintenance.  After having used it for 3 years without real incident
other than random ISPs being periodically unable to lookup DNS info
from my name servers and said performance problem, I'm not knocking
djbdns... but under higher load, it falls apart (big issue for me).  I
love that BIND has an actual config file though and lets you do nifty,
tricky things if need be.  With bind9-dlz, other than security
concerns, I don't miss djbdns at all (though it is more complex than

> What is the query volume you mentioned anyway ? 

More than 500 requests per second for authoritative DNS info.  I never
had a problem with dnscache, but never pushed it that hard either.


Sean Chittenden

More information about the freebsd-isp mailing list