BIND listen backlog too small

Shawn Zhou shawnzhou00 at yahoo.com
Thu Oct 16 22:07:39 UTC 2014


This is for one of our masters which has about 20K zones and handles zone transfer traffic from a few hundred of our slaves.

     On Thursday, October 16, 2014 2:27 PM, Barry Margolin <barmar at alum.mit.edu> wrote:
   

 In article <mailman.1083.1413494517.26362.bind-users at lists.isc.org>,
 Shawn Zhou <shawnzhou00 at yahoo.com> wrote:

> Hello,
> While I was investigating potential SYN flooding warning messages on my Linux 
> box for our DNS traffic, I was very surprised to see the backlog was set to 
> very small numbers for BIND tcp sockets.
> strace showed backlog was '10' for listening socket for port 53 and '128' for 
> listening socket for port 953 (rndc traffic).
> I've restarted BIND after I updated somaxconn but BIND didn't pick up the 
> value.
> Why doesn't BIND set the backlog to a huge number and let OSes reduce it to 
> whatever somaxconn is? Or just set backlog to whatever is set for 
> somaxconn?

Since TCP queries should be infrequent, why does it need a high backlog?

It seems like it's already increasing it, IIRC the default is 5.

-- 
Barry Margolin
Arlington, MA
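
Added example, not part of the thread or of BIND: a small audit of Linux listen queues, parsed from `ss -ltn` output, that reports listeners whose accept queue is full or whose backlog sits below net.core.somaxconn (the situation described above, where raising somaxconn changed nothing because the application asked for 10). The function names and the sample rows are assumptions constructed for illustration; only the backlog values 10 and 128 come from the thread.

```python
"""Audit TCP listen queues from `ss -ltn` output (Linux).

For LISTEN sockets, Send-Q is the effective backlog (the listen() argument
after the kernel caps it at net.core.somaxconn) and Recv-Q is the number of
connections waiting for accept().
"""

# Constructed sample in the layout of `ss -ltn`; addresses are documentation
# ranges and the queue depths are made up. Backlogs 10 and 128 are the values
# reported in the thread.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  11      10      192.0.2.53:53       0.0.0.0:*
LISTEN  0       10      [2001:db8::53]:53   [::]:*
LISTEN  0       128     127.0.0.1:953       0.0.0.0:*
LISTEN  3       4096    0.0.0.0:8080        0.0.0.0:*
"""


def parse_listeners(ss_output):
    """Return (port, local_addr, recv_q, send_q) for every LISTEN row."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header line or a socket that is not listening
        addr, _, port = fields[3].rpartition(":")  # keeps [v6] brackets in addr
        rows.append((int(port), addr, int(fields[1]), int(fields[2])))
    return rows


def audit(ss_output, somaxconn, ports=None):
    """Flag listeners with a full accept queue or a backlog below somaxconn."""
    findings = []
    for port, addr, recv_q, send_q in parse_listeners(ss_output):
        if ports is not None and port not in ports:
            continue
        if recv_q >= send_q:
            findings.append((addr, port, "accept queue full", recv_q, send_q))
        elif send_q < somaxconn:
            findings.append((addr, port, "backlog below somaxconn", recv_q, send_q))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_SS, somaxconn=4096, ports={53, 953}):
        print(finding)
```

On a live host, feed it the output of `ss -ltn` and the value read from /proc/sys/net/core/somaxconn instead of the sample.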