[Pdns-users] PowerDNS in an ISP environment

Brielle Bruns bruns at 2mbit.com
Tue Aug 16 17:00:16 UTC 2011

On 8/16/11 1:50 AM, bert hubert wrote:
> On Tue, Aug 16, 2011 at 08:38:07AM +0100, Chris Russell wrote:
>> >  Hi All,
>> >
>> >  Quick question - is anyone on the list using PDNS in an ISP environment, especially for auth services ?
> The best I can do is refer to this thread, which lists some data points:
> http://mailman.powerdns.com/pipermail/pdns-users/2011-May/007719.html
> DENIC and SIDN (the .de and .nl registries) still measure PowerDNS at around
> 40%-50% of all their domains.
> You might also want to consider that SIDN and NIC.AT underwrote part of
> PowerDNS 3.0 development, please see the 3.0 release notes for more details.

We use powerdns almost exclusively with the mysql backend.  Our ns1 
hosts around 300 domains on it, with quite a few of them being high 
traffic - ahbl.org for example, which is one of the master name servers 
for all the dnsbl queries.  Several other large DNSbl's also use our ns1 
as a slave for redundancy.  Between the 6 auth name servers in the US, I 
think we do around 3mbits of DNS traffic, and another 2mbits out of Canada.

No problems really, most of our issues were caused by lax config on our 
end that we promptly fixed.  When we did find a pretty major bug during 
the testing of ipv6 records in 3.0, Bert had the problem fixed within 
about 5 mins, and a new build pushed out.  And that's all just by 
hopping on IRC and catching him when he's around.

Is the SLA worth it?  Hell yes, even if you never need to use it, your 
supporting the development. We're too small and not-for-profit based, so 
the contract is not feasible, but I always try to test and share my 
results if needed or asked (feedback is never a bad thing).

Some other things to consider why running PDNS is better:

1) BIND is agonizingly slow when loading lots of zones.  Only recently 
have they bothered to work on that so it doesn't take 6 hours to load a 
ton of domains.

2) Auth and caching services can be run separately, helping keep one 
potential issue from affecting another.

3) Config options are a heck of alot more easy to use/understand

4) Its trivially easy to run multiple backends, including the bind 
backend, and even run multiple server instances isolating types of 
customers, etc.

5) LUA and pipe backends

Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org

More information about the Pdns-users mailing list