bind 9.2.1 ON rh9

Mueller, Rex rmueller at esu3.org
Tue Oct 31 19:14:24 UTC 2006 

Thanks Mark and Kevin, 

This helps.. we are thinking we will upgrade to 9.2.4 at minimum. 

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Mark Andrews
Sent: Monday, October 30, 2006 5:28 PM
To: Kevin Darcy
Cc: bind-users at isc.org
Subject: Re: bind 9.2.1 ON rh9 


> Mueller, Rex wrote:
> > We need to look into a problem, can you point in a direction in
which to
> > look? 
> >  
> >
> > We are having a problem on a box that acts as our primary DNS
machine
> > running Redhat 9.0 and BIND 9.2.1.. Periodically it quits replying
to
> > DNS requests, we clear the cache with rndc flush, sometimes, that
does
> > not work we have to kill -9 named processes. and restart. Sometimes
it
> > hangs and halts the system altogether.
> >
> >  
> >
> > I've looked in /var/log/messages there are RRSets and some
lameserver
> > entries but we can't seem to isolate what the problem truly is. 
> >
> >  
> >
> > The hardware is a Dell server, it'd had been working fine for a
couple
> > of year and as it was we'd have to rndc flush periodically (once per
> > month..) now it is occuring daily. Sometimes to the point of halting
the
> > box. Can't say whether it's hardware or software. 
> >
> >  
> >
> > Can we put our primary DNS address (via ifconfig) to the secondary
and
> > take the primary offline to do hardware diagnostics? 
> >
> >  
> >
> > At this point we are baffled and need some assistance. Any insight
from
> > the group would be greatly appreciated.. 
> >   
> 1. BIND 9.2.1 is pretty old at this point. I'd upgrade that,
regardless 
> of whether it's the fix to your problem or not.
> 2. If an rndc flush helps some of the time, my knee-jerk reaction is
to 
> say you're experiencing some sort of memory starvation issue. You
didn't 
> give any indication of how much memory you have in the box, how much 
> named uses typically, query volume/patterns, memory usage statistics 
> over a given period of time, etc. so I'm left to reckless speculation
on 
> that front.

	I would say that these represent broken delegations.  Something
	on the parent side does not match something on the child side.
	e.g.
	      NS RRset and/or address records sets for the nameservers
	      or NS RRset and/or address records where the nameservers
live
	      or NS RRset and/or address records where the nameservers'
		 nameservers live
	      or ...

> 3. If this problem "halts the system altogether", then, my second 
> knee-jerk reaction is to say that this goes beyond a mere DNS-software

> problem, and enters the realm of OS (kernel-level) and/or hardware 
> problem. Unless perhaps RedHat 9.0 is *really* bad at dealing with 
> memory-starvation conditions (in which case it might just be
symptomatic).

	This sounds like memory starvation though you should get log
	messages to that effect.

> 4. Can you migrate the address of your primary DNS server to another 
> box, so that you can do diagnostics, without disrupting your clients? 
> That's not even really a DNS question. It all depends on your 
> LAN/switch/router/firewall configuration/topology. I have no idea what

> devices or paths are used between the clients and servers in your 
> network, and what the configurations/rules that those devices might be

> using or not using...
> 
>

>                                  - Kevin
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list