Questions about DNS performance
Joaquin J. Domens
jdomens at corp.terra.es
Tue Feb 18 15:54:41 UTC 2003
Yes this is what I've done before posting and maybe there's some "bad
traffci" but it looks normal, that's why I'm asking if this is a normal
"hardware" behaviour ..........
One ything I've noticed it's that I get some SYN_SENT connections (TCP)
to microsoft and cisco dns's in the U.S .......but I don't think this
could affect so much.
Cheers,
10.20.202.84.40080 144.254.71.202.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40081 171.70.145.139.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40082 64.103.101.167.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40083 64.102.6.197.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40087 144.254.10.70.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40088 144.254.10.70.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40090 64.104.14.94.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40091 64.103.101.165.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40092 144.254.71.202.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40093 171.70.145.139.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40094 64.104.14.94.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40095 64.103.101.167.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40101 64.102.6.197.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40102 171.68.227.22.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40104 64.104.14.94.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40105 64.103.101.165.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40107 144.254.71.202.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40108 171.70.145.139.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40109 64.103.101.167.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40110 64.103.101.165.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40111 64.102.6.197.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40113 144.254.71.202.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40114 171.68.227.22.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40115 171.70.145.139.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40116 144.254.71.196.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40117 64.103.101.167.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40118 64.102.6.197.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40119 171.68.227.22.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40120 144.254.71.196.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40121 144.254.10.72.53 0 0 24820 0 SYN_SEN=
T
10.20.202.84.40123 144.254.71.202.53 0 0 24820 0 SYN_SEN=
T
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>=20
> Joaquin J. Domens wrote:
> > What do you mean by this ?
> > Do it looks normal with the outputs I gave you ?
>=20
> I don't have routine access to similar heavily used DNS servers,
> others will be able to answer for similar hardware. I usually
> get to play when they are new, or when they are broke.
>=20
> > I mean with this statistics, is it normal to have a 60% CPU usage?
>=20
> > The servers have configured just the normal zones
> > 127.0.0
> > localhost
> > and the root cache
>=20
> My suggestion is that you take a look at what the servers are
> doing anyway, rather than just asking "does this look vaguely
> normal". Where do the queries come from, where do they go, what
> proportion of them are obviously illegitimate.
> -----BEGIN PGP SIGNATURE-----
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>=20
> iD8DBQE+UjeDGFXfHI9FVgYRAi8YAKC3bssAf6Qmk9Zzo4X9NpC+zVrefQCeNqsJ
> l2HwCJj1nMuhMy8LsEwucgQ=3D
> =3DDQYO
> -----END PGP SIGNATURE-----
>=20
--
--------------------------------------------------
Joaquin J. Domens
=C1rea de Tecnolog=EDa
Departamento de Producci=F3n / Aplicaciones
--------------------------------------------------
Terra Networks Espa=F1a S.A.
Via dos Castillas 7, Pozuelo de Alarc=F3n
Madrid, Espa=F1a
Tel. (34) 91-452-33-71
joaquin.domens at corp.terra.es
--------------------------------------------------
Mercado Continuo: TRR | Nasdaq: TRLY
--------------------------------------------------
http://www.terra.es
--------------------------------------------------
More information about the bind-users
mailing list