DNS caching: Squid, BIND or anything else?

Mark Terribile materribile at yahoo.com
Sat Aug 6 14:31:23 GMT 2005

> +++ B. Bonev [05-08-05 12:02 +0300]:
> | > My question is what's the difference between Squid DNS caching and BIND
> | > and other programs that cache DNS requests?
> | 
> | BIND is a DNS server. It will reply to DNS queries from others. Squid
> | DNS won't reply to others' DNS queries.
> | 
> | I want just DNS caching. Is Squid enough for that task?
> I think you are misunderstanding something. Can you please tell us what
> exactly you are trying to achieve? As per my understanding, if you are
> looking for DNS caching, you can't use squid. You need DNS caching
> server, which can be BIND (comes in base system).

It's been about four years since I had the hood open on squid, so I'll
hazard a guess based on my work on another web cache (that didn't reach
the market due to some bad corporate strategy).

BIND will provide DNS caching as a service to other programs; that's its
job.  If squid or any other program NOT in the DNS business does DNS caching,
it's to improve its own performance.  How?  Well, for one thing, going out
to BIND requires messaging to another process.  That slows things down.
For another, the basic name-server library interface is blocking.  If you
want to use a few threads, running non-blocking and moving fast, you have
to send those messages out yourself.  (Why not use threads?  If you're
handling over a thousand requests per second, any backlog on DNS could put
thousands of lookups on hold; that's thousands of threads and you're tying
up megabytes instead of the tens or hundreds of bytes that a lookup-in-
progress record would take.  You could also be tying up a socket and file
descriptor for each, which is a greater cost on a cache.  Ask someone about
the time to shut down the tcp FDs that the web uses.)  If you're going to
go to that much trouble, you might as well cache the results; you'll be
getting back the expiration time information anyway.

On the other side, the DNS system can deal with many kinds of records.
Squid only cares about those that it needs to resolve web page lookups.
And it doesn't want to cache any that it doesn't need, because that
takes valuable main memory.  What's more, if a web page isn't needed in a
while, squid >could< drop the records from the cache, even if they haven't
expired.  BIND might be forced to do that, too (I don't know) but it could
also keep them on disk for a while.  Squid has another job to worry about.

So if squid does DNS caching, it's almost certainly doing it for its own
benefit, and not paying the price of being a generic DNS server.

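The design described in the message above (one small lookup-in-progress record per name instead of a blocked thread, answers kept only until their TTL runs out, and records dropped early when memory is tight), as an added example that is not part of the original post and is not Squid's code. DnsCache, send_query and on_answer are hypothetical names; the clock and resolver are injected, and the names and addresses in demo() are constructed.

```python
from collections import OrderedDict

class DnsCache:
    """In-process address cache: TTL expiry plus LRU eviction under a size cap."""
    def __init__(self, send_query, max_entries, clock):
        self.send_query = send_query    # hypothetical: fires one non-blocking query
        self.max_entries = max_entries  # bound on memory spent on DNS records
        self.clock = clock              # injected so the sample run is deterministic
        self.entries = OrderedDict()    # name -> (addresses, expires_at), LRU order
        self.pending = {}               # name -> callbacks waiting on one query

    def lookup(self, name, callback):
        name = name.lower().rstrip(".")
        hit = self.entries.get(name)
        if hit and hit[1] > self.clock():
            self.entries.move_to_end(name)       # mark as recently used
            callback(hit[0])
            return "hit"
        self.entries.pop(name, None)             # drop the expired record, if any
        if name in self.pending:                 # query already in flight:
            self.pending[name].append(callback)  # queue on its record, no new query
            return "joined"
        self.pending[name] = [callback]
        self.send_query(name)
        return "sent"

    def on_answer(self, name, addresses, ttl):
        """Event loop calls this with the normalized name when the reply arrives."""
        waiters = self.pending.pop(name, [])
        if ttl > 0:                              # a zero TTL means "do not cache"
            self.entries[name] = (addresses, self.clock() + ttl)
            self.entries.move_to_end(name)
            while len(self.entries) > self.max_entries:
                self.entries.popitem(last=False)  # evict LRU, even if unexpired
        for cb in waiters:
            cb(addresses)

def demo():
    """Constructed run: fake clock, fake resolver, documentation addresses."""
    now, sent, got = [0], [], []
    cache = DnsCache(sent.append, max_entries=2, clock=lambda: now[0])
    steps = [cache.lookup("www.example.com", got.append),
             cache.lookup("WWW.example.com.", got.append)]    # joins in-flight query
    cache.on_answer("www.example.com", ["192.0.2.10"], ttl=60)
    steps.append(cache.lookup("www.example.com", got.append))  # served from cache
    now[0] = 61
    steps.append(cache.lookup("www.example.com", got.append))  # TTL passed: re-query
    return steps, sent, got
```
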

More information about the freebsd-questions mailing list