Recursion ceases for 5-10 minutes at random intervals throughout, the day
Bill Springall
springall at fuse.net
Thu Feb 21 06:02:10 UTC 2008
I apologize, Daniel, I lost your message at work...
We did run into the same problems, from what I have heard from the
previous DNS admin. He was actually a little nervous about me opening
the cache on the servers with this new release under customer load. To
appease him after the problem cropped up I added the old values back
into our include for named.conf (with his comments) for some soak time:
max-cache-size 400m; //max cache size 400MB
cleaning-interval 30; //clean cache every 30 minutes
and
max-cache-ttl 60; //limit cached records to a 60s TTL
max-ncache-ttl 60; //limit cache neg. resp. to a 60s TTL
I'm glad the developers fixed the issues. I have wondered how much
work those last servers actually had to do to keep up.
Unfortunately, I can't lock down the ip blocks any further, although I
have certainly wanted to after a select few abusive customers have tried
to go on all night nxdomain/servfail-fests.
Thanks for your response!
- Bill
> We had similar problems with earlier BIND versions, once the cache size
> hit certain level, server started to drop queries at short, irregular
> intervals. We have found out that there was a relation to regular cache
> maintenance bind does. The problem disappeared in later versions when
BIND
> started to use more efficient memory allocator, but you might have
heavier
> querry traffic.
>
> If you provide DNS resolver to a limited base of users, try to limit
> recursive queries to IP blocks of your clients - spammers using open DNS
> resolvers for massive MX record searches eat a lot of memory, since each
> recursive query allocates some.
>
> Hope it helps somehow, write me for details if you wish.
>
> Best Regards
>
> Daniel Ryslink
> System Administrator
>
More information about the bind-users
mailing list