Memory leak in bind 9.3.0 with DNSSEC
Bernhard Ager
ager at in.tum.de
Thu Feb 24 15:59:13 UTC 2005
Hi,
I'm running a testbed with about 100.000 zones generated from
real-world data to test the performance of DNSSEC in comparison to
DNS. Software is bind 9.3.0 on Debian GNU/Linux.
Test scenario:
- 1 resolver
- several name servers hosting the zones, all of which are signed
- one load generator querying the resolver
For this test, a set of 100.000 queries was chosen and repeatedly
replayed against a freshly started resolver using the 'dig' tool.
After each run, memory consumption was measured by reading field 23
(vsize) of /proc/<PID>/stat.
With pure DNS, memory consumption of the resolver stays pracitcally
the same after the first run. With DNSSEC however, memory consumption
increases as shown in the table below.
#runs | mem usage | delta
---------------------------
1 | 101 MB | +101 MB
2 | 108 MB | +7 MB
3 | 157 MB | +49 MB
4 | 163 MB | +6 MB
5 | 212 MB | +49 MB
6 | 218 MB | +6 MB
7 | 225 MB | +7 MB
8 | 235 MB | +10 MB
9 | 280 MB | +45 MB
10 | 288 MB | +8 MB
After the first run, the resolver cache is primed, so all further
queries should not increase the size of the cache. Dispite this, the
size increases, so this strongly indicates a memory leak in DNSSEC
code, or am I missing something?
Cheers,
Bernhard
--
Isn't making a smoking section in a restaurant like making a peeing
section in a swimming pool?
More information about the bind-users
mailing list