Tuning for lots of SERVFAIL responses
Mark Andrews
marka at isc.org
Thu Feb 18 22:06:25 UTC 2016
In message <686c619a5c4e4bcabdc6cfaf1e27d4df at mxph4chrw.fgremc.it>, "Darcy Kevin
(FCA)" writes:
> Ah, so "recursive-clients" is the quota of queries that require named to recu
> rse to get the answer, right?
Yes.
> I was going to respond with the same advice --
> slave your internal zones -- but then I somehow convinced myself that "recurs
> ive-clients" was merely the quota of concurrent RD=1 queries that named would
> handle, thus slaving wouldn't help in a network-outage situation, since name
> d would still drop any new RD=1 query whenever the quota was full.
For some reason people are afraid to slave internal zones. Back
when I was working for CSIRO I used to slave all the internal zones
for all of the sites the division had. Each site administered its
own zones but all sites slaved all of them. That way local and
inter site lookups always succeeded even when the external links
were down.
> I concur with the 10x recommendation, and also the advice about mail servers.
> My mail servers -- at least, the ones that run on Linux -- are configured wi
> th local caching resolvers, due to the high volume and wide variety of lookup
> s they generate. And the typical OS-level caching mechanisms (nscd, etc.) don
> 't usually help much, I don't believe, since many of the lookups are for MX r
> ecords which, AFAICT, nscd and friends don't cache.
>
>
> - Kevin
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list