Claudio Lapidus <clapidus@gmail.com> writes:
We are a mid-sized carrier (1.2M broadband subscribers) and we are looking for an upgrade in our public DNS resolver infrastructure, so we are interested in getting to know what are you guys using in your networks. Mainly what kind/brand of software and which architecture did you use to deploy it, and how did you do the sizing, all of it would be most helpful information.
Unsurprisingly, we (AS1280, AS3557) run BIND 9. see <http://www.isc.org/>. We have at least two recursives in each AS1280 site, and one in each AS3557 location (f-root). Stubs (either /etc/resolv.conf or DHCP) each use all local plus some non-local, for a minimum of three total. Recursive DNS servers do not use forwarding or other cache-sharing techniques, each is fully independent. Most have DNSSEC validation enabled, and of those, all are subscribed to ISC DLV, see <http://dlv.isc.org/>. Most server hosts here run FreeBSD on AMD64/EM64T or else i386. -- Paul Vixie KI6YSY