[Dnsmasq-discuss] Speed comparison dnsmasq <-> unbound?
rob0 at gmx.co.uk
Sun Feb 16 14:06:48 UTC 2014
On Sun, Feb 16, 2014 at 07:38:37AM +0100, Oliver Rath wrote:
> did somebody some speed comparison tests for the dns caching
> functionality between dnsmasq and unbound (http://unbound.net/)?
Compare apples to apples. You're not doing that.
Dnsmasq is a DNS forwarder. Unbound is a DNS resolver. Unbound
actually does the work of accepting recursive queries and then
performing the iterative queries to find the answer.
Dnsmasq simply hands off these queries to a backend resolver, such as
BIND named or unbound. Accordingly, I'd expect dnsmasq to be faster,
but noting that the comparison is meaningless.
> Ive read that unbound is the fastest dns caching server including
> dnssec support, but I could imagine, that dnsmasq has the same
> speed (or better).
I've read a lot of things on the Internet. Some of them might have
been true. Unqualified claims of "speed" are usually bogus. Such
claims are especially difficult to establish in the realm of DNS,
because your apparent speed is largely dependent upon random third
parties' servers and the speed of their Internet connections.
Do you have a link to these speed studies? I'd like to see them.
> Unbound is the new standard dns caching server in FreeBSD 10 and
> replaces bind.
IIUC that's only partly true. BIND is a complete DNS implementation,
whereas unbound is only a caching resolver. Those who are serving
authoritative DNS to the world also need an authoritative DNS server
such as BIND named or NLNetLabs' NSD.
Note, best practice usually demands separation of authoritative DNS
service from recursive service. Unbound/NSD were began with this
understanding, whereas BIND has roots going back to the very
beginnings of DNS.
(The fact that named can do it all in one notwithstanding, this is
not what ISC recommends. But it is a convenience for some small,
internal-only sites, where that might override security concerns.)
> Just for interest.
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
More information about the Dnsmasq-discuss