selecttest tool

Walter Gould gouldwp at auburn.edu
Mon Aug 11 16:13:13 UTC 2008 

JINMEI Tatuya / ???? wrote:
> At Fri, 08 Aug 2008 14:24:31 -0500,
> Walter Gould <gouldwp at auburn.edu> wrote:
>
>   
>>> I guess we need more information to diagnose:
>>>
>>> - your detailed configuration (named.conf)
>>>   
>>>       
>> Jinmei,
>>
>> See our attached named.conf file.
>>     
>
> I have a couple of suggestions:
>
> 1. you should specify a larger max-cache-size in named.conf.  the
>    default size of 9.5.0 (32MB) is normally too conservative for a
>    busy server with many clients, reducing cache hit rate and making
>    the server busier, and possibly triggering subsequent performance
>    troubles as a result.
> 2. #1 may be sufficient for you, but you may also want to raise
>    recursive-clients (whose default is 1000) to some reasonable large
>    value (e.g., 10000).  I suspect the primary reason for the SERVFAIL
>    in your case is that the server hits the recursive-clients quota.
>    I suspect the server left warning messages like ""no more recursive
>    clients: ...".  Raising recursive-clients will at least solve this
>    issue.
>
> ---
> JINMEI, Tatuya
> Internet Systems Consortium, Inc.
>
>   

Here's the latest in my DNS horror story...

I compiled 9.5.0-P2 with increased file descriptor settings 
(STD_CDEFINES="-DISC_SOCKET_FDSETSIZE=4096") and changed my named.conf 
to include max-cache-size 320M; and recursive-clients 10000; as 
suggested above.

I started named and watched 'rndc status'. After a few minutes this was 
the result:
# rndc status
version: 9.5.0-P2 ()
number of zones: 365
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 4980/9900/10000
tcp clients: 0/100
server is up and running

When the recursive clients reached this level (or shortly before) 
queries started timing out...

/var/log/messages showed the all to familiar too many open sockets error:

Aug 11 10:34:17 dnsnew named[24266]: error: socket: too many open file 
descriptors
Aug 11 10:34:31 dnsnew last message repeated 1876 times

My questions are -
1. Do you think I should increase the FDSETSIZE to 10,000 or some other 
crazily high number?
2. Is that excessive?
3. What other adverse effects might this cause on my server?
4. Am I the only one having problems with a) ISC patched BIND packages 
and b) Red Hat patched BIND rpms?

Thanks again,
Walter

More information about the bind-users mailing list