DNS performance issues
Nate Duehr
nate at natetech.com
Wed Apr 4 21:03:33 UTC 2001
On Wed, Apr 04, 2001 at 03:14:44PM -0500, lawrence.a.kravets at us.arthurandersen.com wrote:
> We are seeing massive performance issues of this box that provides
> name service for 10,000 users. Should this Sun box running Solaris 2.6 and
> only running Bind 9.1.0 be able to handle the following load. Below is a
> snapshot of 1 hour. Do these numbers seem high? Does anything really stick out
> as
> abnormal?
>
>
> Per Hour Per Min Per Sec.
> success 147487 2458.11 40.96
> referral 84 1 .4 .02
> nxrrset 293 4.8 .08
> nxdomain 166935 2782.25 46.37
> recursion 84716 1411.93 23.53
> failure 52146 869.1 14
>
> Totals 451661 7527.59 124.96
Hi Larry,
I'll leave the answer to your direct question to the Solaris experts as
they'll know better what the Sparc architecture will support running
BIND 9, however...
Carefully consider whether or not there are any network bottlenecks
between your users and your nameserver. Recently I ran into a situation
where a nameserver was blamed as having a performance problem and the
root cause was that a Firewall-1 machine between my server and the
machines requesting DNS service was running out of UDP connections in
its state table.
Made the DNS server look bad, and it wasn't the DNS server's fault.
(And typical of corporate environments, I have no access to the firewall
or any of the network equipment in-between so I had to prove that
packets leaving one network were simply not reaching the other network
with NTP-synched log files before anyone would look into it for me...
all the while complaining, "There's no way it could be the firewall's
fault!")
--
Nate Duehr <nate at natetech.com>
GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.
More information about the bind-users
mailing list