BIND 9.4.x and max-clients-per-query
Jan Arild Lindstrøm
jal at telenor.net
Mon Sep 22 07:27:16 UTC 2008
Sorry,
>That is, more than 13 million queries each hour. Mpstat/CPU load is avg. 0.4,
>and core saturation about 20%.
.. it should be utilzation and not saturation.
Regards
Jan Arild Lindstrom
At 07:24 22/09/2008, Jan Arild Lindstrøm wrote:
>At 22:50 20/09/2008, JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= wrote:
>>At Tue, 16 Sep 2008 08:14:43 +0100,
>>Jan Arild Lindstrøm <jal at telenor.net> wrote:
>>
>>> is there really none that can explain why clients-per-query get so high even though
>>> max-clients-per-query = 100.... ?
>>
>>First, please be more specific about operational environment: the
>>exact BIND9 version, not just 9.4.x; build options of BIND9; OS and
>>its version; perhaps also your named.conf.
>
>Hardware: Sun Fire T2000, 16GB, 8 core, 1000Mhz, 32 threads
>OS: Solaris 10 (Generic_137111-03)
>BIND version: 9.4.3b2
>
>SunStudio 12:
> -fast -xtarget=ultraT1 -m64
> ./configure --prefix=/local --localstatedir=/var --with-openssl=/local/openssl --with-randomdev=/dev/urandom \
> --enable-threads --with-libtool --enable-static=yes --disable-shared --sysconfdir=/etc/named
>
>options {
> tcp-clients 1000;
> dnssec-enable no;
> recursive-clients 50000;
> directory "/etc/named";
> recursion yes;
> allow-query { our-nets; };
> allow-recursion { our-nets; };
> allow-query-cache { our-nets; };
> pid-file "/var/run/named/named.pid";
> check-names master ignore;
> check-names slave ignore;
> check-names response ignore;
> sortlist {
> { localhost; // IF the local host
> { localnets; }; }; // Return local addresses
> { 10/8; // IF host on private net
> { 10/8; }; }; // return private addresses
> { localnets; };
> };
>};
>
>Acl "our-nets" = about 100 networks, divided on 5 different acls. Planning to upgrade
>to 9.5.x soon, to speed up acl processing.
>
>>Second, limiting max-clients-per-query doesn't help reduce the number
>>of recursive clients if the same query is sent from different IP
>>addresses.
>
>Auch! Is that really correct? Should it not then be called "max-queries-per-client" and
>not "max-clients-per-query"?
>
>Not to repeat, but:
> clients-per-query, max-clients-per-query
> These set the initial value (minimum) and maximum number of recursive simultanious clients for
> any given query (<qname,qtype,qclass>) that the server will accept before dropping additional
> clients. named will attempt to self tune this value and changes will be logged. The default values
> are 10 and 100.
>
>As I understand the text, it is supposed to be a limit on number of queries for any given query,
>regardless of client/IP address. And not a limit on number of queries per client.
>
>Am I totally wrong?
>
>>Third, having 49662 recursive clients looks so extraordinary. I
>>suspect that the real problem is somewhere else.
>
>ns11(root) OLD 503# wc -l query.log*
>13773918 query.log
>13761647 query.log.0
>13779648 query.log.1
>13781716 query.log.10
>--CUT--
>
>Logs are rotated every hour.
>
>That is, more than 13 million queries each hour. Mpstat/CPU load is avg. 0.4,
>and core saturation about 20%.
>
>>---
>>JINMEI, Tatuya
>>Internet Systems Consortium, Inc.
>
>
>Thanks
>Jan Arild Lidnstrom
More information about the bind-users
mailing list