[SURBL-Discuss] DNS load on slartibartfast.pa.net

Jeff Chan jeffc at surbl.org
Sun Oct 31 14:11:37 CET 2004


On Monday, April 12, 2004, 8:10:41 PM, William Stearns wrote:
> Good evening, all,
>         It's still early in the project, but a few quick observations.  
> Using dnstop and tethereal, I've seen that in the last 24 hours we've had
> 570K DNS queries to slart, the 5th/6th nameserver for {sa,sc}.surbl.org.  
> 84% of those - 475K queries - have been to surbl.org.  The next closest
> was in-addr.arpa with 12K and 7500 or less for everything else (that
> "everything else" category includes being a primary or secondary for 130
> other domains and the primary nameserver for 28 machines).  Of that 475K,
> 400K were to sc.surbl.org and 43K to sa.surbl.org.  I suppose the rest
> were to jeff.chan.rox.surbl.org.  *smile*    [ :blush:  -- Jeff C.]
>         More recent nameserver stats show the RBL is hovering around 90.2% 
> of the queries to that nameserver.

>         Oh, and did I mention that the nameserver is running on one of 27
> User-Mode Linux virtual machines (*) running on top of a dual 1.4Ghz P3?  
> The host machine load runs from 3.0 - 5.0 (but 2 of that is from the
> distributed.net CPU sponge, so really the load is 1.0 - 3.0). It'll be
> interesting to see just how high the load goes as more people come on,
> especially when SA 3.0 comes out.
>         *gulp*  :-)
>         Cheers,
>         - Bill

> * http://66.59.109.137:1500 , 
> http://www.stearns.org/slartibartfast/uml-coop.current.html

Thanks for the timely stats Bill!  Someone just inquired what
would be involved in being a secondary.  I will forward him your
data.

We will definitely be needing more secondaries.

We could increase the TTL on sc to something higher, but that
could add some latency to the catching of new domains.  10
minutes is pretty short, but there are other RBLs with short
TTLs.  Here's a sample of some others.  Comments welcome:

> sc.surbl.org
>         origin = ns1.freeapp.net
>         mail addr = zone.surbl.org
>         serial = 1081827731
>         refresh = 600 (10M)
>         retry   = 300 (5M)
>         expire  = 604800 (1W)
>         minimum ttl = 600 (10M)

> list.dsbl.org
>         origin = a.list.ns.dsbl.org
>         mail addr = admin.dsbl.org
>         serial = 1080300617
>         refresh = 600 (10M)
>         retry   = 300 (5M)
>         expire  = 86400 (1D)
>         minimum ttl = 600 (10M)
> 
> sbl.spamhaus.org
>         origin = need.to.know.only
>         mail addr = hostmaster.spamhaus.org
>         serial = 2004032608
>         refresh = 3600 (1H)
>         retry   = 900 (15M)
>         expire  = 604800 (1W)
>         minimum ttl = 300 (5M)
> 
> dnsbl.njabl.org
>         origin = ns1.njabl.org
>         mail addr = help.njabl.org
>         serial = 1080298387
>         refresh = 10800 (3H)
>         retry   = 1800 (30M)
>         expire  = 720000 (1w1d8h)
>         minimum ttl = 900 (15M)
> 
> korea.blackholes.us
>         origin = scarlatti.shakha.com
>         mail addr = hostmaster.blackholes.us
>         serial = 2003120601
>         refresh = 3600 (1H)
>         retry   = 900 (15M)
>         expire  = 1209600 (2W)
>         minimum ttl = 43200 (12H)
> 
> spam.dnsrbl.net
>         origin = ns1.namesystems.net
>         mail addr = dns\@namesystems.net
>         serial = 2004031600
>         refresh = 3600 (1H)
>         retry   = 900 (15M)
>         expire  = 864000 (1w3d)
>         minimum ttl = 3600 (1H)
> 
> hil.habeas.com
>         origin = ns1.habeas.com
>         mail addr = root.habeas.com
>         serial = 33
>         refresh = 3600 (1H)
>         retry   = 1200 (20M)
>         expire  = 604800 (1W)
>         minimum ttl = 86400 (1D)
> 
> relays.ordb.org
>         origin = a.ns.ordb.org
>         mail addr = hostmaster.ordb.org
>         serial = 1080300600
>         refresh = 600 (10M)
>         retry   = 300 (5M)
>         expire  = 604800 (1W)
>         minimum ttl = 1800 (30M)

Are there any DNS tricks for dealing with quickly changing zones
other than short times?

Jeff C.
-- 
Jeff Chan
mailto:jeffc at surbl.org
http://www.surbl.org/



More information about the Discuss mailing list