download

Network Services—Internet ServersTo achieve a better rate of packet pick up from NIC, you should enable POLLINGfeature on your network interface (please refer to Chapter 6 for more information).The default configuration for BIND should be sufficient for most deployments.However, there may be cases when you may need to tweak the configuration to getthe most out of your name server. This would involve configuring zone-transferparameters carefully, if you are running an authoritative name server, in addition totweaking TTL and concurrent queries limitation on forwarding/recursivename servers.An example setup for a high performance recursive name server is as follows:options{};directory "/etc/namedb";pid-file "/var/run/named/pid";dump-file "/var/dump/named_dump.db";statistics-file "/var/stats/named.stats";recursion yes;max-ncache-ttl 120;max-cache-ttl 7200;version"Geronimo!";allow-transfer {"none";};listen-on-v6 { none; };notifyno;recursive-clients 5000;minimal-responses yes;interface-interval 0;This is the configuration for a recursive name server than can serve up to amaximum 5000 recursive clients, simultaneously (default in BIND is 1000) and servesonly IPv4 clients.While this forwarding DNS server caches all responses it receives from upstream(including negative responses), you can also tweak the cache aging. This examplecaches the negative responses for 120 seconds and positive responses for 7200seconds (2 hours).ISC BIND is a complicated name server. It is recommended that you read throughthe documentation of the version you are currently using, or refer to related booksfor more detailed information about the functionality and performance tuning.[ 220 ]