[Dnsmasq-discuss] Speed comparison dnsmasq <-> unbound?

/dev/rob0 rob0 at gmx.co.uk
Sun Feb 16 14:06:48 UTC 2014


On Sun, Feb 16, 2014 at 07:38:37AM +0100, Oliver Rath wrote:
> did somebody some speed comparison tests for the dns caching
> functionality between dnsmasq and unbound (http://unbound.net/)?

Compare apples to apples. You're not doing that.

Dnsmasq is a DNS forwarder. Unbound is a DNS resolver. Unbound 
actually does the work of accepting recursive queries and then 
performing the iterative queries to find the answer.

Dnsmasq simply hands off these queries to a backend resolver, such as 
BIND named or unbound. Accordingly, I'd expect dnsmasq to be faster, 
but noting that the comparison is meaningless.

> Ive read that unbound is the fastest dns caching server including 
> dnssec support, but I could imagine, that dnsmasq has the same 
> speed (or better).

I've read a lot of things on the Internet. Some of them might have 
been true. Unqualified claims of "speed" are usually bogus. Such 
claims are especially difficult to establish in the realm of DNS, 
because your apparent speed is largely dependent upon random third 
parties' servers and the speed of their Internet connections.

Do you have a link to these speed studies? I'd like to see them.

> Unbound is the new standard dns caching server in FreeBSD 10 and
> replaces bind.

IIUC that's only partly true. BIND is a complete DNS implementation, 
whereas unbound is only a caching resolver. Those who are serving 
authoritative DNS to the world also need an authoritative DNS server 
such as BIND named or NLNetLabs' NSD.

Note, best practice usually demands separation of authoritative DNS 
service from recursive service. Unbound/NSD were began with this 
understanding, whereas BIND has roots going back to the very 
beginnings of DNS.

(The fact that named can do it all in one notwithstanding, this is 
not what ISC recommends. But it is a convenience for some small, 
internal-only sites, where that might override security concerns.)

> Just for interest.
-- 
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:



More information about the Dnsmasq-discuss mailing list