[Dnsmasq-discuss] How small is a 'small network'?

[Simon Kelley]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 16/11/15 22:05, Norman Gray wrote:
> 
> Greetings.
> 
> The dnsmasq documentation stresses that it's a good solution for
> 'small networks', but how small is small?  The overview seems to
> give as examples home networks, or mentions dnsmasq running in a
> router (implicitly a SOHO router).
> 
> I have what I'd call a medium-sized network of machines to look
> after, which -- depending on how I/we organise the network -- could
> represent between 500 and 1000 machines.  I'd like to provide DHCP
> and caching DNS to a good fraction of them, and provide
> authoritative (intranet) records for perhaps half.  Dnsmasq looks
> like it would be very convenient to use for that, but would those
> numbers tax dnsmasq unduly?


Yes, if you run dnsmasq on a small plastic router, not if you run it
on a decent server.

The DNS side is no problem  at all for these numbers: increase the
cache size by an order of magintude from the default and it will be fine
.

DHCP is slighly more complex: dnsmasq maintains the DHCP lease
database in memory, and every time it changes (lease added, lease
expires, lease removed) then the whole lot gets written out to a file
for persistence. With good hardware and fast disks, that's no problem
at all. With a little router using flash or a USB drive, it might be.
The rate of writing, long term, depends on lease length as well. If
you're using day or week long leases, no problem. If you have huge
turnover of clients and a shortage of IP addresses and have to use
short leases, then the load will be greater.

A final wrinkle with DHCP is that one part of the DHCP protocol
implementation is single threaded, so there's a 3-4 second window when
a new client arrives where no other clients can arrive. That can be a
problem for racks of machines in a datacentre which all get turned on
at the same time. There is a workaround (--no-ping)


> 
> I would guess that DNS and DHCP wouldn't necessarily imply a huge
> load on a machine, but I'd guess also that the load would scale
> roughly with the square of the number of machines being served (or
> perhaps linearly both with the number of machines being served and
> with the number of authoritative local records).
> 
> The machines are heterogenous in use, as opposed to being a
> compute farm, or something else which would suggest that cache hits
> would be unusually common.
> 
> The manpage mentions that 'Dnsmasq is capable of handling DNS and
> DHCP for at least a thousand clients.'  That's about the number of
> clients I'm thinking of, so that's good, but is there a 'with ease'
> elided there, or a 'without overwhelming pain'?  Would I, in short,
> be storing up trouble for myself?
> 


On a decent server, you'll be fine.

One last thing to consider. Dnsmasq doesn't do DHCP failover, so if
you think you really need high availability, you should look a
dhcpcd/BIND.


Cheers,

Simon.

> I couldn't find discussion of this in a quick search of the list 
> archives, but I wasn't really sure what best to search for.
> 
> Thanks for any advice.
> 
> Best wishes,
> 
> Norman
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJWS2d/AAoJEBXN2mrhkTWi8xYP/j/xt+aTCvdIq32wKEoEuxtx
oFgM0Wga2YZ+nHWJV4052HeBh6mSqrpZWuFPTaeO75VB5a/qSDFd09KMNJTYXJ99
dZg9LT/vawsgJ0CsuFZDIj6F3Dm7rrA5OEySKrE+DN2i5mXl0wCdHdHFGV2Q4q0l
iDEo/wZH2/weIBRdoPNj3Xht3f5KwG/bwGAXEFJeX1fpew0vo5rf1sqH/xcwGidr
2g2r8uJFzmeH4xT4gaVkPp6a4Zv0S57iE22LRrtnWbQRYtp8ikm7MUJVSHhYk7Ch
v10cY+EO2U0gWDfnl/f6M513tmMXvsQXbALc3k4SgAEITmo2ArvKy+4JTYiECETV
YzabQ5WkhCLe49YtNywy8rT0bbqOPyvCDoPQnnSCmo7WuZNhiy6uNkKvpia5AXfj
0I7J5LBoh8ovz5Yy9hnj1RfkzIxZP3qvKArBXEYJ98vNRire5Eq27ns5B+bEQ/g8
Yn1JKkfmvs1MdebSLgVkjcln5a0qPMsmSAt+W37J5Tk10F3afTZLp199eKONSQqS
M4aWw+KVJU4NfdSKFP/c33naE4J8JgbMFIgcWW+Jle9uC6fAMQmzz3KTp43vHkrX
fDCl+vxomFyE85IwR/3++AIHpFKsYtN0LoxBAlRw3xBCHO5wUVj43wXBJdbSQQ40
Zf1xP6sOVGSapL+GhLVy
=rHOV
-----END PGP SIGNATURE-----