[Pdns-users] PowerDNS Recursor Performance and Tuning
Otto Moerbeek
otto at drijf.net
Sun Jan 16 08:05:55 UTC 2022
On Sun, Jan 16, 2022 at 09:39:01AM +0330, Hamed Haghshenas via Pdns-users wrote:
> Hello Dears,
>
>
>
> I install PowerDNS Recursor 4.6.0 on CentOS Linux release 7.9.2009. and
> configure it as bellow for Iran IP address. I want use it in my ISP
> environment for large scale and lots of DNS requests.
A more modern distribution might be better. What do you call lots?
> My Server have 4 core 2.6 Ghz (x64) and 8GB Ram (KVM Virtualization), I can
> apply more cpu or ram.
If you have 8G of RAM, likely the default cache sizes could be
enlarged (max-cache-entries for the record cache and
max-packetcache-entries for the packet cache)
Virtulization *could* be an issue, for example when the network
interface is virtualized in a way thet hinders performance.
> Could you please help me that is my configuration correct? How many
> distributor-threads and threads should I use? (same as number of cpu cores
> or more).
Some comments inline below.
>
> Need something to change, or any kernel optimization ?
>
>
> allow-from-file=/etc/pdns-recursor/IP-Iran-List.txt
>
> setuid=pdns-recursor
>
> setgid=pdns-recursor
>
> local-address=127.0.0.1 172.16.1.186
If you are using NAT: this *kills* the performance. See
https://docs.powerdns.com/recursor/performance.html
>
> any-to-tcp=yes
>
> distribution-load-factor=1.25
>
> pdns-distributes-queries=yes
>
> distributor-threads=4
Depending on kernel version and other factors resuseports and multiple
distributor thread might work better or not, best to start with
reuserport=no and distributor-threads=1, test & measure and then
change to yes and 4 and compare performance on your actual setup.
>
> dnssec=validate
>
> dnssec-log-bogus=yes
If you see a lot ot bogus results this might impact performance
> entropy-source=/dev/random
This is likely slow, better use the default setting (leave it out).
>
> logging-facility=0
>
> lowercase-outgoing=yes
why?
> max-tcp-queries-per-connection=10
>
> quiet=no
This amount of logging will kill performance
> reuseport=yes
See above
>
> threads=4
You might want to reduce it to 3 if you use 1 distribnutor thread, as
the total number of threads doing lots of work is distributor threads +
worker threads. This is depedent on your cach hit ratios. Again:
try and measure.
-Otto
More information about the Pdns-users
mailing list