100% CPU / wedge with 9.8.3-P4 & RPZ?
Simon Forster
forster at spamteq.com
Sat Mar 16 16:23:18 UTC 2013
On 16 Mar 2013, at 14:59, Vernon Schryver <vjs at rhyolite.com> wrote:
> My logs have these instances of transfers of rpz.spamhaus.org involving
> at least 100 messages during March (NTP disciplined UTC timestamps):
>
> 02-Mar-2013 21:45:42.511 07-Mar-2013 22:47:56.423 08-Mar-2013 03:19:46.419
> 08-Mar-2013 03:26:50.262 08-Mar-2013 07:27:13.176 08-Mar-2013 07:33:29.203
> 08-Mar-2013 10:07:05.829 08-Mar-2013 11:18:09.837 15-Mar-2013 22:52:02.969
> 16-Mar-2013 00:04:14.447 16-Mar-2013 07:21:07.576 16-Mar-2013 11:06:46.515
For the record, Spamhaus modified the way that the RPZs are created and distributed to address an issue with serials getting out of sync and to reduce latency. This had an unfortunate side effect of causing further issues with serials. To resolve this, a full, fresh zone transfer was forced through.
This was a rare event and is why the Spamhaus RPZs are in beta while minor tweaks are made to the production process.
Customers now should see updates to the DBL zone file every 3 minutes and updates to the DROP zone every 15 minutes. Additionally, the latency between zone updates and zone propagation has been reduced by two minutes.
ATB
Simon Forster
Spamhaus Research Corporation
London, UK
http://www.spamteq.com/
skype: srforster
t: +44 20 7993 8813
m: +44 79 0528 8198
More information about the bind-users
mailing list