[Dnsmasq-discuss] FW: Cachesize

Eric Luehrsen ericluehrsen at hotmail.com
Tue Apr 11 03:26:28 BST 2017

Hi Nathan,

Just thinking out loud:

 > There is only about 1000 endpoints of various types, from residential
 > to business.

Having worked with Unbound and dnsmasq, I would say the proverb "right
tool for the right job" applies. I would guess not all 1000 endpoints
are on one subnet, maybe half-dozen, correct? If you had dnsmasq running 
an instance for each subnet, then that might be a bit more reasonable. 
If you want just one VM and one server, then I might suggest Unbound. 
It's as easy to configure, and you can just recurse the global Internet
instead of forward (or forward or both or whatever). If you don't 
DHCP-DNS in one, then Unbound is going to work for you.

 > It only came about because I noticed the quantity of traffic to other
 > resolvers was a lot more than I expected and I guessed caching would
 > improve the experience for the end users.

That depends on a lot of things. Statistics would need to be collected 
to be sure. Compare common cache queries that expire versus unique 
queries. If your cache pushes "google.com" out, then that may be a 
problem. If it's all the click bait on news sites creating unique DNS
lookups to a rotating army of ad-sites, then there isn't much to do.

 > The only things I use are setting minimum cache ttl to 30 mins...

That is pushing the edge for certain cases. Server rotation may make 
some clients' connectivity go dead for that 30 mins. Small business
customers with small business web-site/email providers can suffer worse 
when small business server farm providers make things "difficult."

Hope it helps.
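
One way to collect the statistics suggested in the message above, as an added example that is not part of the original post: it assumes dnsmasq runs with `log-queries` enabled and parses the resulting log lines. The sample log, its addresses and the `cache_stats` helper are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the format dnsmasq logs with log-queries enabled.
SAMPLE_LOG = """\
Apr 11 03:20:01 dnsmasq[812]: query[A] google.com from 10.0.1.15
Apr 11 03:20:01 dnsmasq[812]: forwarded google.com to 192.0.2.53
Apr 11 03:20:01 dnsmasq[812]: reply google.com is 203.0.113.10
Apr 11 03:20:05 dnsmasq[812]: query[A] google.com from 10.0.2.40
Apr 11 03:20:05 dnsmasq[812]: cached google.com is 203.0.113.10
Apr 11 03:20:09 dnsmasq[812]: query[A] ad1234.tracker.example from 10.0.1.15
Apr 11 03:20:09 dnsmasq[812]: forwarded ad1234.tracker.example to 192.0.2.53
Apr 11 03:20:12 dnsmasq[812]: query[A] ad5678.tracker.example from 10.0.3.7
Apr 11 03:20:12 dnsmasq[812]: forwarded ad5678.tracker.example to 192.0.2.53
Apr 11 03:55:00 dnsmasq[812]: query[A] google.com from 10.0.1.15
Apr 11 03:55:00 dnsmasq[812]: forwarded google.com to 192.0.2.53
"""

LINE = re.compile(r"dnsmasq\[\d+\]: (query\[[\w-]+\]|forwarded|cached) (\S+) ")

def cache_stats(log_text):
    """Summarise cache behaviour per name (record types are not separated)."""
    queries, misses = Counter(), Counter()
    pending = set()  # names queried and not yet answered or forwarded
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        action, name = m.group(1), m.group(2).lower()
        if action.startswith("query"):
            queries[name] += 1
            pending.add(name)
        elif action == "forwarded" and name in pending:
            misses[name] += 1  # one miss per query, even with several upstreams
            pending.discard(name)
        elif action == "cached":
            pending.discard(name)
    total = sum(queries.values())
    return {
        "queries": total,
        "hit_ratio": 1 - sum(misses.values()) / total if total else 0.0,
        # Asked once and forwarded: no cache size helps with these.
        "one_off": sorted(n for n, c in queries.items() if c == 1 and misses[n]),
        # Forwarded repeatedly: evicted or expired between queries.
        "refetched": sorted(n for n, c in misses.items() if c >= 2),
    }

if __name__ == "__main__":
    print(cache_stats(SAMPLE_LOG))
```

A long `refetched` list of popular names points at cache size or TTL, while a long `one_off` list is the rotating ad-site case where caching has little to offer.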
