From owner-freebsd-stable@FreeBSD.ORG  Thu Jul 31 19:53:03 2008
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 533CD106568A
	for <freebsd-stable@freebsd.org>; Thu, 31 Jul 2008 19:53:03 +0000 (UTC)
	(envelope-from sthaug@nethelp.no)
Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.33])
	by mx1.freebsd.org (Postfix) with SMTP id 8F72C8FC18
	for <freebsd-stable@freebsd.org>; Thu, 31 Jul 2008 19:53:02 +0000 (UTC)
	(envelope-from sthaug@nethelp.no)
Received: (qmail 88835 invoked from network); 31 Jul 2008 19:53:00 -0000
Received: from bizet.nethelp.no (HELO localhost) (195.1.209.33)
	by bizet.nethelp.no with SMTP; 31 Jul 2008 19:53:00 -0000
Date: Thu, 31 Jul 2008 21:53:00 +0200 (CEST)
Message-Id: <20080731.215300.74706878.sthaug@nethelp.no>
To: freebsd-stable@freebsd.org
From: sthaug@nethelp.no
In-Reply-To: <20080722.200709.74704291.sthaug@nethelp.no>
References: <20080722162024.GA1279@lava.net> <48860CBA.6010903@FreeBSD.org>
	<20080722.200709.74704291.sthaug@nethelp.no>
X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: FreeBSD 7.1 and BIND exploit
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jul 2008 19:53:03 -0000

I wrote in an earlier message:

> I've been trying out unbound-1.0.1 on a 7.0-STABLE box (2.67 GHz i86,
> uniprocessor, 32 bit mode, 2 GB memory).
> 
> Don't know what I'm doing wrong so far - but I've been unable to scale
> Unbound to more than a couple of hundred q/s.  Any more than that and
> I get serious (several hundred ms) delays on lots of queries, including
> stuff which is known to be in the cache.
> 
> I'll be doing some more Unbound tests the next few days. For now, both
> CNS and PowerDNS handle our load (around 2.5K q/s) fine.

As a followup: I'm now happily running Unbound (together with Nominum
CNS) in our standard anycast configuration. I've gotten Unbound to
handle our regular query load of 2000 - 2500 q/s just fine.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no