g***@zdns.cn
2017-02-09 02:41:37 UTC
Hi all ,
I had one zone which has about more than 15,000,000 domains .
Recently noticed that when add a new domain under this zone almost cost 10 minutes .
But the other zones were regular worked , just cost about 1 minutes to sign one new incoming RR record.(from in-bind throw opendnssec to out-bind).
All zones' config are the same .
Performance test for our HSM , result is 2600 RR/S , but from log the avg is so far from this.
Jan 18 10:28:00 p01-test-devops-9-81 ods-signerd: [STATS] XX 1484705894 RR[count=0 time=10(sec)] NSEC3[count=0 time=2(sec)] RRSIG[new=2 reused=15844627 time=133(sec) avg=0(sig/sec)] TOTAL[time=596(sec)]
How could I speed up the opendnssec to sign this zone timely ?
We used opendnssec version is 1.4.10
Could anybody please help me to fix this issue together?
With kind regards
***@zdns.cn
I had one zone which has about more than 15,000,000 domains .
Recently noticed that when add a new domain under this zone almost cost 10 minutes .
But the other zones were regular worked , just cost about 1 minutes to sign one new incoming RR record.(from in-bind throw opendnssec to out-bind).
All zones' config are the same .
Performance test for our HSM , result is 2600 RR/S , but from log the avg is so far from this.
Jan 18 10:28:00 p01-test-devops-9-81 ods-signerd: [STATS] XX 1484705894 RR[count=0 time=10(sec)] NSEC3[count=0 time=2(sec)] RRSIG[new=2 reused=15844627 time=133(sec) avg=0(sig/sec)] TOTAL[time=596(sec)]
How could I speed up the opendnssec to sign this zone timely ?
We used opendnssec version is 1.4.10
Could anybody please help me to fix this issue together?
With kind regards
***@zdns.cn