how to debug "no more recursive clients"
Len Conrad
LConrad at Go2France.com
Thu Feb 9 19:07:08 UTC 2006
> > We have "forwarding DNS" setup, where all the internal DNS "forward
> > first" to our recursive-only rns1 and rns2 (recursive ns).
> >
>
>Why would you do that?
So all our forwarding DNSs benefit from the consolidated, system-wide
caches on rns1/2. At 30 createfetches/second from rns1, our DNS
traffic is pretty high.
>Just have them do it themselves. There's no
>advantage to forwarding by doing what you are doing and in fact
Many of our MTAs running in parallel and running BIND do the same
queries, so having those answers cached speeds up a lot of queries,
esp often-very-slow PTR and RBL queries.
>as you
>are finding out, considerable disadvantages.
The problem is not our system design which has worked for many weeks
without problems, but what caused BIND9 to hit the 1000 recursive
client limit twice, when the avg recursive client count is less than 60.
Len
_____________________________________________________________________
http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites
More information about the bind-users
mailing list