Large(ish) Deployment

Mon Jun 24 14:46:19 UTC 2019

Hello!

I have no direct answer to all your questions. But you may check
Cloudflare's experience with Unbound here:
https://indico.dns-oarc.net/event/31/contributions/687/attachments/663/1106/Ultimate_Stub-resolver.pdf

We had multiple generations of our deployment and all of them documented
here.

I hope it helps

On Mon, Jun 24, 2019 at 9:46 AM Gabriel Marais via Unbound-users <
unbound-users at nlnetlabs.nl> wrote:

> Good morning,
>
> I was wondering if there is anyone that would offer their
> comments/tips/experience with deploying Unbound on a large(ish) scale.
>
> We are looking at moving away from dnsmasq to something more
> "structured" in order to achieve the following :-
>
> 1. Service around 20 000 devices with DNS Caching services
> 2. Have a more structured deployment: having a few dns edges caches
> linked to master caches which will be using Root servers for lookups
> 3. DNS Stats - which we currently do not have on dnsmasq
>
>
> We are planning to have a few edge caches & masters running in a
> containerized environment (Ubuntu with LXD) behind a load balancer to
> provide the service.
>
>
> My questions are:-
>
> 1. How many edge caches & masters would be required to service around 20
> 000 devices?
> 2. Which Distro are you using? Are there any advantages using something
> like freeBSD over Ubuntu?
> 3. Is it advisable to have the standard out-the-box implementation of
> Unbound and deploy more containers in order to meet the desired 20 000
> devices or is it advised to change the configs/kernel parameters in
> order to make available more sockets and less containers?
>
>
> Regards
>
> Gabriel
>

-- 

*Pavel Odintsov*  |  DNS engineer
pavel at cloudflare.com
<https://www.cloudflare.com/>

1 888 99 FLARE  |  www.cloudflare.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190624/816942f4/attachment.htm>