UDP packet loss
Scott S. Bertilson
scott at nts.umn.edu
Thu Jun 8 19:39:42 UTC 2006
> I've tried to find out the cause of some strange resolving problem we
> are experiencing. From time to time, our server seems to ignore some
> requests, while others are answered promptly. It seems to me that the
> problem is UDP packet loss.
...
> RedHat Linux ES release 4, 2.6.9-34.ELsmp kernel, dual Opteron system
> with 6GB ram, no local zones, just resolver/cache. bind-9.3.2-2_EL4
As to possible cause, one thing worth checking is whether
your name server is logging anything substantial via "syslog".
If it is, and if your system is configured as many Linux
systems seem to be (RedHat Enterprise 3 and 4), the default
behavior is that "syslog" does a "fsync" for _every_
message that is logged. This is due to a bug/"feature" of
the Linux implementation of "syslogd". It has the most
drastic effects when incoming log messages are from the
local host and are delivered over a Unix domain socket.
Unlike syslog messages received via UDP, the Unix domain
socket blocks the process instead of dropping the message
when the socket buffer is full.
We had many issues with DNS servers on our campus until we
configured our on-host syslog server to disable the "fsync"
activity. You do this by prepending the file name in
"/etc/syslog.conf" with a "-" as in:
local2.* -/var/log/named.log
Note that we also force our DNS logging to "local2". In
most cases, it probably uses facility "daemon" which likely
ends up in "/var/log/messages". Look for _any_ syslog
destination files with a heavy flux of DNS messages and try
this on all of them.
Scott
More information about the bind-users
mailing list