rndc reconfig causing long timeouts
Tavis Gustafson
tavis at hq.newdream.net
Sat Oct 1 03:04:14 UTC 2005
On Fri, Sep 30, 2005 at 09:20:25PM -0400, Kevin Darcy wrote:
> Tavis Gustafson wrote:
>
> >Hello. We are using bind 9.2.3 on linux kernel 2.4.24 .
> >Our main zone file is 16MB. We are experiencing 30 second lookup
> >timeouts every time we execute an rndc reconfig. We do this only when
> >updating new or removed zones (sometimes doing it every few minutes).
> >Is this beahaviour on par with others' like installations? And is there
> >another way to tell bind about new zones besides the reconfig?
> >When running rndc reconfig, named uses 35% of our system's main memory.
> >During the timeouts named pegs the processor at 99% while disk activity
> >remains relatively calm.
> >
> My understanding is that rndc reconfig *only* looks at and (re-)parses
> the named.conf file, so the size of your zone file is irrelevant, and it
> would explain why you're not seeing any significant disk I/O. More
> important than the size of a zone or all zones would be _how_many_ zones
> you have, and perhaps how complex those zones are (e.g. lots of
> zone-level access restrictions, etc.). If you're doing reconfigs every
> few minutes sometimes, I would expect that you have a *lot* of zones.
> Maybe you should split those among multiple machines.
>
Yes, we have about 171,000 zones, all with multiple cnames like ftp,
mail, www, etc, and sub-domains. I am now thinking that the best way to solve these
timeouts is to make our ns1 machine not be the master on which we run
the rndc reconfig but run the reconfig on a non public master and
have it update our 3 public slave namservers. What is the term for this
type of
setup and is there a good methodology for migrating from what we have now (3
nameservers, ns1 being master).
-tavis
More information about the bind-users
mailing list