Bind9.5.1b1 Heavy CPU Load?

[Fr34k]

Hello,
In my experience, the current "recursive-clients 65536" is extremely high.
Same with "tcp-clients 32768".
Does "rndc status" show that such high values are necessary? If so, the DNS needs may have out grown this single hardware solution and alternatives should be investigated (e.g., adding server load balancing across N+1 servers) -- or something may be wrong (network abuse, malware, misconfiguration, etc.)
Also, note that "max-cache-size" in 9.5.x defaults to only 32MB.
See http://www.isc.org/sw/bind/arm95/
--------------
max-cache-size 
The maximum amount of memory to use for the server's cache, in bytes. When the amount of data in the cache reaches this limit, the server will cause records to expire prematurely so that the limit is not exceeded. In a server with multiple views, the limit applies separately to the cache of each view. The default is 32M. 
--------------
Depending upon the environment and local needs, this value may need to be raised.

Perhaps disable logging to see what that does to load and then tweak as necessary.
HTH


----- Original Message ----
From: iman <iman.habibi at gmail.com>
To: comp-protocols-dns-bind at isc.org
Sent: Tuesday, September 2, 2008 3:25:12 AM
Subject: Bind9.5.1b1 Heavy CPU Load?

I compiled and installed bind9.5.1b1 (without threads)on solaris 9 in
an ultrasparc machine with 2cpu`s 900 Mhz and 4G Ram.
unfortunately,after few hours,named process consumes heavy load from
cpu:
  PID USERNAME  SIZE  RSS STATE  PRI NICE      TIME  CPU PROCESS/
NLWP
  1064 root      109M  107M cpu2    59    0  2:23:45  93% named/5
then some queries responded and some queries dont respond.
Here are my named.conf:
options {
        version "version not currently available";
        pid-file "/opt/namesurfer/run/named.pid";
        directory "/opt/namesurfer/named/namedb";
        dump-file "/opt/namesurfer/named/namedb/named.dump";
        recursive-clients 65536;
        statistics-file "/opt/namesurfer/named/namedb/statistics";
        tcp-clients 32768;
      };
logging {
        channel simple_log {
                file "/var/adm/named/bind.log" versions 3 size 50m;
                print-category yes;
                print-severity yes;
                print-time yes;
                severity warning;
        };

        category d
efault {
                simple_log;
        };
};
controls {
        inet  127.0.0.1 port 953 allow { 127.0.0.1; } keys
{ "rndckey"; };
};

Does it relate to logging options?
i removed it from named.conf,,but bind sent logs to syslog and the cpu
problem existed?!(is this default for bind 9.5.x?how can we disabled
this default state?)
How can i solve this heavy cpu load problem?