We are trying to determine what we will need in terms of hardware and bandwidth to run a DNS server which will be an authority for say 5,000 domains. The web servers get a few hits per second. (These are small sites, hence the slanted numbers).
We were planning on using BIND or some other unix-friendly DNS server daemon for this, probably on Linux or FreeBSD. I have no idea how many DNS queries this type of www load will generate, or how much bandwidth it would use, or how expensive the queries are in terms of processing and memory use.
Does anyone here have experience with DNS in the wild?
DNS is a very simple protocol that incorporates a TTL (Time to Live) into its response data. That being said, a single user browsing www.mysite.com will only ask for DNS once every X minutes (Default is usually 1 hour, or so). I'm only pointing this out so that it's clear that the number of hits per second isn't so important as the number of unique hits per second.
Also, considering that ISPs offer DNS servers to their clients, the number of requests that actually make it back to the SOA is far lower than the number of people who are visiting your site. Say, for example, 50,000 people in Eastern MA on Verizon DSL visit your site in the space of 1 hour, that's only likely to generate a handful of DNS requests which you have to respond to. Verizon would be doing its own level of caching.
A single request is absolutely no work (relatively) for current hardware. 5,000 domains worth of zonefiles would fit on your average thumb drive.
I would recommend that you get yourself 4 mid-range servers with redundant disks and set up a DNS infrastructure in two locations. This way you have redundancy at each site, and geographically as well. Consider this: If your location were to go dark, how would you serve DNS for the 5,000 domains?
You won't need too much. Even a relatively modest box these days can do 20,000+ UDP queries per second running BIND (more if running NSD).
I've actually just been benchmarking BIND for UDP and TCP performance, and got 23k queries per second for UDP. That particular server has 2GB RAM and a 2.0 GHz Xeon E5335 quad-core processor.
Personally I'm running DNS for about 40 domains on 3 VMs behind a load balancer (sadly all in one site). The machines have basically 0 CPU and memory load on them besides the basic OS.
We've got MRTG style reports for the bandwidth for each VIP, and the two DNS VIPs show less than 1k of bandwidth average (we've got about 40k customers hitting us daily).
The only stats I have on DNS are from my personal server farm (personal site, projects, hosting for freelance clients) as I don't run the DNS machines at work. This is for about 6 domains, with about 15,000 WWW views per month. The servers are both older HP Proliants, dual 1.4GHz Pentium, 2GB RAM, and both are hosting more than DNS (also DHCP and a slew of other services). I have a script that pulls query stats every hour. I'm seeing an average of 21M queries on my primary server and 100k queries on my secondary each day. The BIND process doesn't even show up in top.
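The hourly stats-pulling script mentioned above is not shown in the post; the following is an added example (not the poster's script) of how such numbers can be derived. It assumes the text layout of the `named.stats` file that `rndc stats` appends to (dump header with a Unix timestamp, `++ Section ++` headers, and `count name` counter lines), and that the counters are cumulative since the daemon started, so a rate is the delta between two dumps divided by the interval; the sample dumps below are constructed.

```python
import re

# Constructed sample: two `rndc stats` dumps taken an hour apart, in the
# named.stats layout BIND writes (counts are made up, not real traffic).
SAMPLE_STATS = """\
+++ Statistics Dump +++ (1700000000)
++ Incoming Queries ++
               9000 A
               2500 AAAA
--- Statistics Dump --- (1700000000)
+++ Statistics Dump +++ (1700003600)
++ Incoming Queries ++
              36000 A
              10000 AAAA
--- Statistics Dump --- (1700003600)
"""

DUMP_START = re.compile(r"^\+\+\+ Statistics Dump \+\+\+ \((\d+)\)")
SECTION = re.compile(r"^\+\+ (.+) \+\+$")
COUNTER = re.compile(r"^\s*(\d+) (.+)$")

def parse_dumps(text: str) -> list:
    """Return [(unix_time, {section: {counter: value}})], one per dump."""
    dumps, section = [], None
    for line in text.splitlines():
        if m := DUMP_START.match(line):
            dumps.append((int(m.group(1)), {}))
            section = None
        elif m := SECTION.match(line):
            section = m.group(1)
            dumps[-1][1].setdefault(section, {})
        elif (m := COUNTER.match(line)) and section and dumps:
            dumps[-1][1][section][m.group(2)] = int(m.group(1))
    return dumps

def query_rates(text: str) -> list:
    """Queries/second per RR type ('qps' = all types) for each interval
    between dumps; BIND counters are cumulative, so rates are deltas."""
    dumps, rates = parse_dumps(text), []
    for (t0, s0), (t1, s1) in zip(dumps, dumps[1:]):
        secs = t1 - t0
        if secs <= 0:
            continue  # duplicate dump or clock step backwards: skip it
        old = s0.get("Incoming Queries", {})
        per_type = {k: (v - old.get(k, 0)) / secs
                    for k, v in s1.get("Incoming Queries", {}).items()}
        rates.append({"qps": sum(per_type.values()), **per_type})
    return rates
```

Feed it the accumulated `named.stats` file (or the two most recent dumps) to get the per-interval query rate that the hourly numbers in this thread are based on; a sudden jump in `qps` with no matching change in web traffic is worth a look at the query sources.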
I've seen over 5000 domains hosted on a relatively old Opteron processor with 1GB of RAM.
Obviously one was in a location, and the other in another geographical location, for redundancy purposes. RAID-1 may be sufficient, as long as it's hardware RAID.
Using n+1 redundant datacenters and quality hardware may be crucial to how much uptime you will have and how long the lifespan of a server will be.
Each server setup is different.
Try to use commercial load tools that can generate DNS traffic which fits your traffic pattern.