bind9 (9.3.1) stops responding on interfaces
Mark Andrews
Mark_Andrews at isc.org
Tue Dec 20 22:28:42 UTC 2005
> Hi guys,
>
> Running 2.6.14 on a Debian box with bind 9.3.1, and after about 10-15
> minutes of serving requests certain interfaces that bind is listening on
> appear to become "flooded" by requests - and bind stops responding to
> any queries on those addresses.
>
> The other addresses used continue to operate as normal.
>
> We run two seperate views on each bind installation, and I can repeat
> this with two machines both running the same version of bind, operating
> system and kernel.
>
> When I say flooded, the netstat output shows the UDP Recv-Q for the port
> binding like so:
>
> udp 0 0 x.x.x.15:53 0.0.0.0:*
> udp 0 0 x.x.x.11:53 0.0.0.0:*
> udp 103340 0 x.x.x.10:53 0.0.0.0:*
>
> I can't trace this back to occurring after any particular event, but if
> there's any diagnostics anyone can think of running to narrow this down
> - I'd be happy to do them.
Workout which file descriptor this is (lsof) then workout if
named is still looking for read events on this descriptor (gdb).
> This particular interface (.10) will be the one getting the most
> requests by far, if that's any use. I've checked firewall rules etc, and
> everything seems correct for normal operation.
>
> The only thing that can be done to mitigate the issue is to restart
> bind, and the problem goes away (for the next 10-15 minutes).
>
> Thanks a lot,
> Chris.
>
> --
> Chris Murton
> e: chris at areti.net, t: +44 (0)20 8315 5800
> Areti Internet Ltd, http://www.areti.net
>
> --
> This message has been scanned for viruses and dangerous content by the
> Areti Internet Ltd email scanning service, and was found to be clean.
> http://www.areti.net/
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list