FW: BIND limits and performance questions
brad.knowles at skynet.be
Thu Dec 31 23:21:46 UTC 1903
At 3:28 PM -0800 3/23/01, Derek J. Balling wrote:
> Seems to me just a lack of management support then. Too many suits,
> not enough engineers.
This kind of stuff doesn't go through management. Management
never sees it. What happens is that mail server administrators all
over the world personally blame me, and some of them send some of the
most offensive and abusive stuff you would never want to be exposed
to in your life.
> If $RANDOM_NET_ENGINEER says "hey, I can't reach $BIG_SITE any
> more!", and its because $RANDOM_NET's DNS resolver is broken, I
> say "Tough, here's the spec, read it, know it, live it."
Problem is, that's not what happens. What actually happens is
that $RANDOM_NET_MAIL_ADMINISTRATOR gets nuked out of existence
because their mail server has thousands, tens of thousands, hundreds
of thousands, or millions of mail messages backlogged in their
outgoing queues, and they don't understand why.
When they look into things in more depth, they see that AOL is
advertising forty-five MXes, and since it takes two minutes to time
out attempting to contact each one (therefore ninety minutes to go
through and check all forty-five of them for a single recipient), and
most sites have their queues run once an hour (every sixty minutes),
they build up a large number of processes all waiting to try to get
mail to AOL but can't, this fills up the memory on their machine, and
it has a kernel panic and crashes.
They then blame AOL in general, and me in particular. Assuming
that their company is still in business (and they're not wasting
every bps of their bandwidth constantly trying to deliver all those
mail messages), they then visit upon my personal private mailbox the
kind of abuse you would not heap on your worst enemy, nor would you
want anyone else to heap it on your worst enemy.
Or haven't you ever had a Draft RFC written in a single day on
the subject of "Here's what you *DON'T* ever do so long as you live,
so that you avoid fscking up the entire rest of the Internet"?
As a side effect, you can thank me for the existence of
alternative MTAs such as qmail and postfix -- both were written in
direct response (at least in part) to the problems that were caused
at the time of this outage, and the exceptionally poor way that
sendmail handled the millions of backlogged mail messages that some
Much as I hate, loathe, and despise The Great and Omniscient and
Omnipresent and Omnipotent Dan, I would not with this kind of
treatment upon even him.
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne's/\.//;print pack("H124",$1)if(/^x([^\.]*)/)'
More information about the bind-users