From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-server+bounces-3655-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RSYTa-0006J0-P0
	for garchives@archives.gentoo.org; Mon, 21 Nov 2011 18:20:18 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id A029121C0B9;
	Mon, 21 Nov 2011 18:19:51 +0000 (UTC)
Received: from zeus.simkin.ca (zeus.simkin.ca [72.51.27.124])
	by pigeon.gentoo.org (Postfix) with ESMTP id 1C3F221C07C
	for <gentoo-server@lists.gentoo.org>; Mon, 21 Nov 2011 18:19:09 +0000 (UTC)
Received: from skynet.simkin.ca (vpn.reinvent.com [72.51.27.50])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by zeus.simkin.ca (Postfix) with ESMTPSA id 8EB402708B3
	for <gentoo-server@lists.gentoo.org>; Mon, 21 Nov 2011 10:19:09 -0800 (PST)
From: Alan Hodgson <ahodgson@simkin.ca>
Organization: Simkin Network Consulting
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Failover-capable DNS server?
Date: Mon, 21 Nov 2011 10:19:04 -0800
User-Agent: KMail/1.13.7 (Linux/3.0.6-gentoo; KDE/4.6.5; x86_64; ; )
References: <CAA2qdGXpBUzz7Q0HQ3JqawemdQhQmBJUUEiQAGpVFMvmq2cRnQ@mail.gmail.com> <201111210916.31403.ahodgson@simkin.ca> <CAA2qdGVLSsy0wNkk0ZF97hZ4zCSS_4yq-GPXEbaFp5p8srTf5g@mail.gmail.com>
In-Reply-To: <CAA2qdGVLSsy0wNkk0ZF97hZ4zCSS_4yq-GPXEbaFp5p8srTf5g@mail.gmail.com>
Precedence: bulk
List-Post: <mailto:gentoo-server@lists.gentoo.org>
List-Help: <mailto:gentoo-server+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-server+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-server+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-server.gentoo.org>
X-BeenThere: gentoo-server@lists.gentoo.org
Reply-to: gentoo-server@lists.gentoo.org
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201111211019.04552.ahodgson@simkin.ca>
X-Archives-Salt: 0bcc526a-65d7-420a-84bb-09094c21d2d0
X-Archives-Hash: b607055e77602d87cbf9978954c31079

On Monday 21 November 2011 09:39:02 Pandu Poluan wrote:
> One question, though: Its PowerDNS really good? Performance-wise,
> security-wise, or whatever-wise? Any 'gotcha's I need to be aware of?
> 

It's fast and reliable. It hasn't had frequent security issues, although it's 
no tinydns. I've run it for years under reasonably heavy load (several 
thousand queries per second) without any problems. 

Gotchas - major version upgrades seem to take a while to shake out the bugs. 
And there are some legacy oddities around CNAMEs due to a past history of 
combing recursive functions with the authoritiative server. With the pipe 
backend you need to be really careful in your script to only serve the records 
you think you're serving. Nothing too serious, imo.