Recursive bind becomes unresponsive with high load
sthaug at nethelp.no
sthaug at nethelp.no
Thu Mar 31 17:35:39 UTC 2016
> > If you are crawling lots of new names, the cache size won't have much
> > impact. Each new query will require recursing vs hitting the cache. Try
> > "rndc recursing" and look at what you have sitting around waiting for
> > answers. Hopefully that provides some clues. This can be all sorts of
> > things like unresponsive auth servers, network issues, firewalls munging
> > EDNS, etc causing the recursive client backlog.
>
> Can a "recursive client backlog" be a problem if recursing clients is ca. 1000
> while recursive-clients is 6000? If yes, where is the backlog? I can see it
> in the syslog when recursive-clients is reached - this does not happen here.
Have you checked your operating system limits? One recursive client
often means one open socket (waiting for response from authoritative
server), i.e. one open file descriptor. If you have thousands of
simultaneous recursive clients, you will need a correspondingly large
file descriptor limit for the named process.
Remember that a (presumed) authoritative server which is slow to
answer means that the socket may be held open correspondingly long.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the bind-users
mailing list