DNS hardware requirements have traditionally been quite modest. For many installations, servers that have been pensioned off from active duty have performed admirably as DNS servers.
The DNSSEC and IPv6 features of BIND 9 may prove to be quite CPU intensive however, so organizations that make heavy use of these features may wish to consider larger systems for these applications. BIND 9 is now fully multithreaded, allowing full utilization of multiprocessor systems for installations that need it.
CPU requirements for BIND 9 range from i486-class machines for serving of static zones without caching, to enterprise-class machines if you intend to process many dynamic updates and DNSSEC signed zones, serving many thousands of queries per second.
The memory of the server has to be large enough to fit the cache and zones loaded off disk. The max-cache-size option can be used to limit the amount of memory used by the cache, at the expense of reducing cache hit rates and causing more DNS traffic. It is still good practice to have enough memory to load all zone and cache data into memory — unfortunately, the best way to determine this for a given installation is to watch the nameserver in operation. After a few weeks the server process should reach a relatively stable size where entries are expiring from the cache as fast as they are being inserted. Ideally, the resource limits should be set higher than this stable size.
For nameserver intensive environments, there are two alternative configurations that may be used. The first is where clients and any second-level internal nameservers query a main nameserver, which has enough memory to build a large cache. This approach minimizes the bandwidth used by external name lookups. The second alternative is to set up second-level internal nameservers to make queries independently. In this configuration, none of the individual machines needs to have as much memory or CPU power as in the first alternative, but this has the disadvantage of making many more external queries, as none of the nameservers share their cached data.
ISC BIND 9 compiles and runs on the following operating systems:
IBM AIX 4.3
Compaq Digital/Tru64 UNIX 4.0D
Compaq Digital/Tru64 UNIX 5 (with IPv6 EAK)
HP HP-UX 11
IRIX64 6.5
Sun Solaris 2.6, 7, 8
NetBSD 1.5 (with unproven-pthreads 0.17)
FreeBSD 3.4-STABLE, 3.5, 4.0, 4.1
Red Hat Linux 6.0, 6.1, 6.2, 7.0