Internet DNS forwarders causing Intranet DNS servers to be unresponsive?
peter h
tsar.peter at gmail.com
Wed Apr 27 10:22:05 UTC 2005
"paulette mudrey" <paulette_mudrey at hotmail.com> wrote in message news:<d4lig2$13o6$1 at sf1.isc.org>...
> We have 2 intranet DNS servers that point to our 2 internet DNS servers as
> forwarders and we have noticed that if we have problems with our Internet
> connection that the intranet DNS servers are unresponsive. In one case we
> got the following errors and had to restart named:
>
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 172.17.100.9#53:
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client
> 172.17.133.5#10001: no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client
> 10.0.227.214#1829: no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 10.0.165.55#1737:
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client
> 172.16.1.31#36332: no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 172.31.101.16#53:
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client
> 172.17.133.5#10001: no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.1.87.157#3486:
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 172.17.100.9#53:
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.1.86.149#1031:
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.0.168.30#2617:
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.0.75.37#1030:
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 172.31.101.16#53:
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.1.87.96#4206:
> no more recursive clients: out of memory
> Apr 21 14:39:43 hpadm1 /usr/local/sbin/named[1033]: mem.c:1540:
> INSIST(mpctx->allocated > 0) failed
>
> In another case the intranet DNS servers would not even reply to internal
> DNS queries or for anything in it's cache. I read in the "DNS and BIND"
> book (fourth edition - p. 334 Single point of failure) that this should not
> be the case and that they should reply to anything they have in their cache
> or that they are authoritative for. Could they just be too busy trying to
> reply to internet DNS queries that are taking longer than usual? Is there a
> better way to set this up??
>
> We are running BIND 9.1.3 on HPUX 11.0.
>
> Paulette
You seem to be out-of-memory for your bind. In addition bind-9.1.3
is historic, upgrade !
With a recent bind-9 you should be able to raise your "recursive-client"
in the 'options' section of your configuration.
Regards
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
More information about the bind-users
mailing list