Reducing DNS lookups
David Hartburn
D.J.Hartburn at kent.ac.uk
Tue Feb 21 13:10:51 CET 2017
Hi,
For our LDAP queries, we have specified the forest DNS name as the LDAP
server, so that we achieve via DNS a random distribution of queries
against our AD servers. Previously we had hammered the first server on
the list.
This has kept our AD guys happy, but we have noticed that at busy times
our FR servers are doing over 100 DNS queries per second, for the same
thing.
I cannot spot anything in the FreeRADIUS config files, but is there any
way to reduce the number of DNS lookups? We are running 3.0.12 on RHEL7.
Outside of FreeRADIUS, we could either make sure each server has a
different /etc/hosts file, which is not ideal, or implement local DNS
caching, which seems to be the more sensible way to go. Are there any other
alternatives other people are using?
Yours
Dave Hartburn