Re: Performance Issue for bind-9.4.2-P2 at Linux
Bind Petras
bind at inbox.lt
Mon Sep 22 17:52:02 UTC 2008
I have the same problem, since there is no reply from BroBind, I'll post answers about my system:
- OS kernel version
The problem is noticed on systems running openSUSE 10.1 with kernels 2.6.16.21.-0.13-smp and
2.6.16.27-0.9-smp
- you named configuration (named.conf)
acl LOCAL { 127.0.0.0/8; 192.168.0.0/16; 172.16.0.0/12; };
options {
pid-file "/var/run/named/named.pid";
directory "/var/lib/named";
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
listen-on port 53 { 127.0.0.1; 192.168.3.20; };
listen-on-v6 { none; };
interface-interval 0;
version "TTT";
recursive-clients 50000;
recursion yes;
allow-recursion { LOCAL; };
allow-query { LOCAL; };
allow-query-cache { LOCAL; };
};
zone "." in {
type hint;
file "root.hint";
};
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
- initial log messages when you start named with the same command-line
options plus '-g'
# /usr/local/sbin/named -g -n 4 -u named
22-Sep-2008 20:43:05.197 starting BIND 9.4.2-P2 -g -n 4 -u named
22-Sep-2008 20:43:05.197 found 4 CPUs, using 4 worker threads
22-Sep-2008 20:43:05.199 loading configuration from '/etc/named.conf'
22-Sep-2008 20:43:05.200 listening on IPv4 interface lo, 127.0.0.1#53
22-Sep-2008 20:43:05.201 binding TCP socket: address in use
22-Sep-2008 20:43:05.201 listening on IPv4 interface eth1, 192.168.3.20#53
22-Sep-2008 20:43:05.203 binding TCP socket: address in use
22-Sep-2008 20:43:05.247 automatic empty zone: 127.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 254.169.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 2.0.192.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone:
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone:
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: D.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 8.E.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 9.E.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: A.E.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: B.E.F.IP6.ARPA
22-Sep-2008 20:43:05.256 couldn't add command channel 127.0.0.1#953: address in use
22-Sep-2008 20:43:05.256 couldn't add command channel ::1#953: address in use
22-Sep-2008 20:43:05.256 ignoring config file logging statement due to -g option
22-Sep-2008 20:43:05.256 zone 0.0.127.in-addr.arpa/IN: loading from master file 127.0.0.zone failed:
file not found
22-Sep-2008 20:43:05.257 zone localhost/IN: loading from master file localhost.zone failed: file not
found
22-Sep-2008 20:43:05.258 running
22-Sep-2008 20:43:07.195 checkhints: L.ROOT-SERVERS.NET/A (199.7.83.42) missing from hints
22-Sep-2008 20:43:07.195 checkhints: L.ROOT-SERVERS.NET/A (198.32.64.12) extra record in
hints
- number of sockets named actually opens when you see the many
SERVFAILs (use lsof for example to see this)
# lsof -n | grep -c named
11890
My configure options were :
STD_CDEFINES="-DISC_SOCKET_FDSETSIZE384" ./configure --enable-threads
At Wed, 17 Sep 2008 18:12:51 +0800,
"BroBind BroBind" <brobind at gmail.com> wrote:
> We upgraded our Caching-Publishing DNS servers from bind-9.2 to
> bind-9.4.2-P2 at our 4 IBM x346 2 Core CPU 2.80GHz RHEL4-U3 x86_64 and
> 16GB Mem. But we had experienced problems w/ it with too many open files
> problem. We resolved it by increasing the FD_SETSIZE at
> /usr/include/bits/typesizes.h and defining the
> STD_CDEFINES="-DISC_SOCKET_FDSETSIZE at 96" during compilation. Here's our
> configure options:
>
> STD_CDEFINES="-DISC_SOCKET_FDSETSIZE at 96" ./configure
> --prefix=/var/bind/v9.4.2-P2
> --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu
> --target=x86_64-redhat-linux-gnu \
> --with-libtool --enable-threads --enable-ipv6 --with-pic --with-openssl=yes
> --enable-largefile \
> --disable-openssl-version-check
>
> Using iptraf, we're having total rates of around 20Mbps of traffic per
> server. named.stats.txt showed that failure is very high and recursions
> compare w/ success. CPU utilization averages at 40-60 per server and memory
> rise to 20 to 50 % Utilization. We've seen many SERVFAIL from our tcpdumps
> going to legitimate domains and about 3-5 times dig to a domain before the
> queries became sucessful.
Please provide some more information:
- OS kernel version
- you named configuration (named.conf)
- initial log messages when you start named with the same command-line
options plus '-g'
- number of sockets named actually opens when you see the many
SERVFAILs (use lsof for example to see this)
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
Advertisement:
Lietuviams reikia dideles pasto dezutes.
Tikrai dideles.
INBOX.LT - 10 GB nemokamas pastas!
More information about the bind-users
mailing list