Interaction of -S and recursive-clients?
Daniel Deighton
ddeighton-isc at aplura.com
Thu May 17 22:09:31 UTC 2012
On 05/17/2012 12:20 PM, Chris Thompson wrote:
> Our local university-wide recursive nameservers have
>
> options { /* ... */
> recursive-clients 5000;
> }
>
> This is meant to be reached only at very bad times indeed. During a recent
> network partition incident, I noticed that named logged
>
> named: general: error: socket: file descriptor exceeds limit (4096/4096)
> last message repeated 1194 times
> named: general: error: socket: file descriptor exceeds limit (4096/4096)
> last message repeated 780 times
>
> a few seconds before it started on
>
> named: client: warning: client 131.111.***.***#*****: recursive-clients
> soft limit exceeded (4901/4900/5000), aborting oldest query
>
> As far as I can see, the only way to increase the socket limit is to use
> -S in the named argument list. Should one always set this (at least as)
> high as the recursive-clients setting? (Actually, I am more tempted to
> try decreasing recursive-clients from 5000 to 4000 as these numbers are
> reached only when the network has gone pear-shaped anyway.)
>
It looks like you are reaching an OS limit for open files. On linux, you
can check this with 'ulimit -n'. Determining the limit will vary for
other operating systems. On what OS are you running BIND?
More information about the bind-users
mailing list