does bind caches no replies ?
Ladislav Vobr
lvobr at ies.etisalat.ae
Sat Feb 15 07:11:20 UTC 2003
Dear all,
I have noticed in last few days I am facing sometimes performance
problems with bind8.3.4. The load goes high on the server and the named
is taking around 90-95% of cpu time. After some troubleshooting I have
discovered that 50% of all my requests (around 1000/sec) are to some
specific domain. ( this case happen to me several times in last few
days, with infopak.gov.pk or with nopop.net ) All nameservers for those
domains were at that time unreachable and were not responding at all.
What I have noticed is that for each request I get from customer, my
nameservers sends 2-3 requests to each NS records it has for this domain
to retry again and again.
After marking these NS servers as bogus the load has dropped. Is
there any other way how to avoid these request storms, I understand I
can not sometimes stop it from clients, they are affected by virus or
they have some tools like nopop.net and these are creating a storm to
our nameservers when they are not answered, but can I reduce the server
to server communication, and somehow cache the no replies, or at least
schedule the retries in some less resource demanding way. I did some
research but could not discovered how often bind is retrying or what are
the time-outs.
Best Regards
Ladislav Vobr
Etisalat, UAE
-- Binary/unsupported file stripped by Ecartis --
-- Type: text/x-vcard
-- File: lvobr.vcf
-- Desc: Card for Ladislav Vobr
More information about the bind-users
mailing list