[Pdns-users] Recursor forwarder DoT configuration
Otto Moerbeek
otto at drijf.net
Sat Sep 9 08:19:10 UTC 2023
On Sat, Sep 09, 2023 at 08:07:02AM +0200, Christoph via Pdns-users wrote:
> > I do wonder about the purpose of the recursor in the
> >
> > recursor -> dnsdist -> upstream-recursive
> >
> > case. You might as well use
> >
> > dnsdist -> upstream-recursive
> >
> > With a caching dnsdist.
> > Unless you need recursor specific functionality, of course.
>
> It was my impression that dnsdist was meant for smaller caches not for large
> caches in the order of several GB of cached records (with prefetching and
> DNSSEC validation functionality)
If you need DNSEC validation you must use recursor, dnsdist cannot do
that. Others might reflect on the dnsdist cache performance and hit
ratio's compared to recursor's packet cache and/or record cache. Do
note that dnsdist cache is more like the recursor's packet cache. The
recursor's record cache is different in purpose and structure.
-Otto
> but if we can remove something in the chain that might probably benefit
> latency, CPU usage and reduce complexity, so I'm very open for suggestions.
> I've also some generic question about cache sizing that I'll put in a second
> email.
>
> We will also publish our entire setup and what we are actually aiming to
> achieve with it. We find it wonderful that dnsdist allows us to offer
> multiple DNS privacy services with distinct privacy properties using a
> single dnsdist configuration.
>
> best regards,
> Christoph
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users
More information about the Pdns-users
mailing list