Bind 9 / Bind 8 / NOTIFY updates and system load
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Tue Dec 23 00:40:18 UTC 2003
Brath, Shane <shane.brath at tdstelecom.com> wrote:
> Bind Users:
> I am having several problems with my Bind Infrastructure lately and I want
> some advice:
> 2 major issues in summary:
> 1: memory grows to exceed system available, when I put some memory
> size limits on the process crashed when it reached the size instead of
> clearing out memory.
> 2: I have about 9000 domains, and have a hierarchical setup, and
> NOTIFY updates are taking sometimes 2-3 hours to be honored by slaves.
> Details:
> Platform: Solaris 8 and 9.
> Software: Resolvers for internal services ( Mail servers ) Bind 9
> (latest)
> Master xfer host is running Bind 9 latest.
> Resolvers for external customer ( Dialup ) Bind 8 ( want to
> move to 9 )
> Setup: All zone data is in a database and is extracted to zone files
> on a xfer master box, all this Bind 9 box does is send Notifies that a zone
> has changed, and it serves up the files to the slaves. This xfer box does
> not allow recursive, and is strictly for updating the slaves.
> Problem 1: I have tried tuning down the datasize to 400m, but
> eventually the server crashes.
> Can someone give me a breakdown on recommended
> settings for a Bind 9
> server where there are on average several hundred q
> per s, as in a nameserver
> for an Email Cluster? If I remove the 400m
> requirement the server will remain stable for
> about 2 weeks and then just start loosing domains.
> Problem 2: Slaves are taking almost 2 hours to actually do a
> transfer of a Notify, is this caused by load? Some config entry? I have the
> parallel number of axfr's allowed set to over 100, there are about 12 slave
> servers all pulling primary zones from one master server. I see the NOTIFY
> go out, and then I watch for how long the slaves take to honor it. Sometimes
> it has taken until midnight, over 6-8 hours from when the change was made?
> Should it take this long.
> I can provide more detail on the above two problems if you let me know
> specifically what you want to know.
> Thanks in advance..
> Shane Brath
The answer is simple ( as regards for #1 ) buy more memory.
It is likley that your second problems will be cured by this too.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list