[rbldnsd] regular expression support for rbldnsd
Scott Haneda
talklists at newgeo.com
Thu Aug 13 00:59:47 MSD 2009
On Aug 12, 2009, at 1:22 PM, Steven Champeon wrote:
> on Wed, Aug 12, 2009 at 11:58:50AM -0700, Scott Haneda wrote:
>> Do you have rough performance stats, as queries per second with regex
>> enabled, and without? I think you mentioned 40k/s, but I assume
>> that was
>> with regex enabled.
>
> I mentioned 45K/s, as that's what I get from piping a list of hosts
> through a C program that simply uses the same underlying library to
> do the matching. Obviously, DNS overhead is going to cut down on that
> a bit, but the perf is still good.
>
>> Any idea what you get on the same test setup if you remove the regex
>> from the build entirely?
>
> OK, I took the stock 0.996b, built it out, and ran my test IPs (hosts
> from which my patterns were derived, so pretty much guaranteed not
> to be
> hosts I have blocked via iptables - e.g., none will match) against a
> zone derived from my iptables blocks, and here's the dnsperf output:
Thanks! Very glad you posted that, those stats are impressive for the
app on that hardware. I am about to deploy an idea using a MacMini as
a target machine. I figure, rbldnsd does need really need hard drive,
and all memory. I can put 4GB in that machine, which should load some
rather large zones.
Are you aware of any other issues with OS X as a deployment target? I
hear smatterings of issues with max open files and max open ports and
such, which can be adjusted, but only to a certain point. It may not
even be related, but it did come up on dovecot and I believe postfix.
If there are any other OS X specific issues you have ran into, I would
love to know them.
I am not sure this will help you in any way, but it may help to just
get it out there... I made a rbldnsd portfile for MacPorts, which
makes installing it one command. This software does not update much,
so it probably does not help too many.
http://trac.macports.org/browser/trunk/dports/net/rbldnsd/Portfile
However, your patch may be a good idea to include as a variant, which
would allow one to add in your patch with `sudo port -d install
rbldnsd +regex`
Thanks for the data, it was very good to see.
--
Scott * If you contact me off list replace talklists@ with scott@ *
More information about the rbldnsd
mailing list