URGENT, PLEASE READ: 9.5.0-P1 now available

Stephen John Smoogen smooge at gmail.com
Thu Jul 24 23:11:50 UTC 2008 

On Thu, Jul 24, 2008 at 4:18 PM, Walter Gould <gouldwp at auburn.edu> wrote:
> Walter Gould wrote:
>> JINMEI Tatuya / ???? wrote:
>>> At Tue, 22 Jul 2008 11:30:58 -0500,
>>> Walter Gould <gouldwp at auburn.edu> wrote:
>>>
>>>
>>>>> Hmm...I'm curious about whether the server really consumes all the
>>>>> possible 1024 sockets.  Can you do some diagnosing, including:
>>>>>
>>>>> - checks whether the server constantly opens such a large number of
>>>>>   sockets, e.g., by using lsof
>>>>>
>>>> When I run lsof, the number of named UDP sockets opened is right at
>>>> 995 to 999.
>>>>
>>>
>>> Thanks, then it really consumes all available sockets (file
>>> descriptors, more accurately).  Then the options I can think of are:
>>>
>>> - move to a beta (probably you don't want to do that)
>>> - use a larger FD_SETSIZE like 4096 and recompile named with it, if
>>>   you OS allows such a dynamic change of FD_SETSIZE
>>>
>>>
>>>
>> Thanks - using a larger FD_SETSIZE seems to have worked. I set the
>> #define __FD_SETSIZE in /usr/include/linux/posix_types.h to 4096,
>> saved and recompiled named and now named is not crashing as it was
>> before with the "too many open files" error.
>>
>> Thanks for your help,
>> Walter
>>
> I guess I spoke too soon.  The upgraded BIND 9.5.0-P1 that I compiled
> yesterday (with the increased FD_SETSIZE) has crashed a few times
> today.  I received the same "Too many open files" error that I had been
> seeing.  Also, when I ran lsof, the number of named sockets or file
> descriptors (?) was around 1000.  Shouldn't it have been ok since I
> increases the FD_SETSIZE to 4096?
>
> I tried restarting it, but shortly after, it crashed again.  I am
> wondering if running 9.5.0 is safe to run if we are not allowing
> recursive lookups?  When I run the dig @nameserver +short
> porttest.dns-oarc.net TXT test against it, I receive:
> dig @nameserver_ip +short porttest.dns-oarc.net TXT
> z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
> "nameserver_ip is GOOD: 26 queries in 1.9 seconds from 7 ports with std
> dev 22442.25"
>
> Any thoughts?
>

Did you edit /etc/security/limit.conf to allow for processes to have
more open files?

cat /proc/sys/fs/file-max

to see wht the kernel thinks is the maximum number of processes, and
for /etc/security/limits.conf:

*               -    nofile 16384


http://kbase.redhat.com/faq/FAQ_80_1540.shtm



-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"

More information about the bind-users mailing list