named starts up slow when many zones reference the same dnssec-policy

While rolling out KASP to many zones, it is more efficient to use more DNSSEC policies in order to improve reload/reconfig times.

When all zones or referenced by the same dnssec-policy, it takes quite some time to process all zones after reload/reconfig and CPU usage of the named process remains at 100% and it takes quite a few minutes for named to start responding to queries after such a reload/reconfig request.

When spreading my zones to 10 identical policies, cpu usage goes well above 100% (using more threads I assume) and this is speeding things up really nice.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information