FW: BIND limits and performance questions

Brad Knowles brad.knowles at skynet.be
Thu Dec 31 23:21:46 UTC 1903

At 3:28 PM -0800 3/23/01, Derek J. Balling wrote:

>  Seems to me just a lack of management support then. Too many suits,
>  not enough engineers.

	This kind of stuff doesn't go through management.  Management 
never sees it.  What happens is that mail server administrators all 
over the world personally blame me, and some of them send some of the 
most offensive and abusive stuff you would never want to be exposed 
to in your life.

>  If $RANDOM_NET_ENGINEER says "hey, I can't reach $BIG_SITE any
>  more!", and it's because $RANDOM_NET's DNS resolver is broken, I[1]
>  say "Tough, here's the spec, read it, know it, live it."

	Problem is, that's not what happens.  What actually happens is 
that $RANDOM_NET_MAIL_ADMINISTRATOR gets nuked out of existence 
because their mail server has thousands, tens of thousands, hundreds 
of thousands, or millions of mail messages backlogged in their 
outgoing queues, and they don't understand why.

	When they look into things in more depth, they see that AOL is 
advertising forty-five MXes, and since it takes two minutes to time 
out attempting to contact each one (therefore ninety minutes to go 
through and check all forty-five of them for a single recipient), and 
most sites have their queues run once an hour (every sixty minutes), 
they build up a large number of processes all waiting to try to get 
mail to AOL but can't, this fills up the memory on their machine, and 
it has a kernel panic and crashes.

	They then blame AOL in general, and me in particular.  Assuming 
that their company is still in business (and they're not wasting 
every bps of their bandwidth constantly trying to deliver all those 
mail messages), they then visit upon my personal private mailbox the 
kind of abuse you would not heap on your worst enemy, nor would you 
want anyone else to heap it on your worst enemy.

	Or haven't you ever had a Draft RFC written in a single day on 
the subject of "Here's what you *DON'T* ever do so long as you live, 
so that you avoid fscking up the entire rest of the Internet"?

	As a side effect, you can thank me for the existence of 
alternative MTAs such as qmail and postfix -- both were written in 
direct response (at least in part) to the problems that were caused 
at the time of this outage, and the exceptionally poor way that 
sendmail handled the millions of backlogged mail messages that some 
sites had.

	Much as I hate, loathe, and despise The Great and Omniscient and 
Omnipresent and Omnipotent Dan, I would not wish this kind of 
treatment upon even him.

Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne's/\.//;print pack("H124",$1)if(/^x([^\.]*)/)'
