Statistics Question

Jim Reid jim at rfc1035.com
Tue Feb 22 18:06:52 UTC 2000


>>>>> "Jorg" == Jorg B <jorg_b at cwo.com> writes:

    Jorg> Hello, We are running bind 8.2.2P5 on a Linux System (kernel
    Jorg> 2.2.14).  At any given time we have about 600 concurrent
    Jorg> connections hitting the DNS server. It seems that at peak
    Jorg> times the server takes longer to respond to DNS lookup
    Jorg> requests. Therefore, I was wondering if I've reached a
    Jorg> point where I have to upgrade and/or distribute the load.

Maybe, but the numbers below are not consistent with "600 concurrent
connections hitting the DNS server". What do you mean by that and what
are those connections? Most DNS activity uses UDP and that protocol
doesn't have connections.

    Jorg> This server is authoritative for 650 Internet Domain names
    Jorg> and provides DNS services to 600 concurrent customers.  The
    Jorg> machine is a 350 MHz Pentium II with 128 MB of RAM and SCSI
    Jorg> drives. It connects to the network at 100MB Full duplex.

This should make a pretty good name server.

    Jorg> Here is a snip from the message log:

    Jorg> Feb 21 20:34:34 ns1 named[51]: XSTATS 951194074 946445368
    Jorg> RR=10232852 RNXD=845429 RFwdR=7371000 RDupR=23317
    Jorg> RFail=71471 RFErr=0 RErr=6728 RAXFR=442 RLame=308062 ROpts=0
    Jorg> SSysQ=2226512 SAns=68991377 SFwdQ=6991547 SDupQ=3200035
    Jorg> SErr=50747 RQ=75840413 RIQ=8 RFwdQ=0 RDupQ=118004 RTCP=83485
    Jorg> SFwdR=7371000 SFail=13195 SFErr=0 SNaAns=16943464
    Jorg> SNXD=1719767Feb

Your name server has been up for 4748706 (951194074 - 946445368)
seconds. In that time it has received 75840413 queries, an average of
just under 16 queries per second. This is a modest level of DNS
traffic. It will be an insignificant load for your hardware. I doubt
if handling that query rate uses as much as 1% of the CPU. Your name
server has seen 23317 (RDupR) duplicate queries, which indicates it
does not have a problem getting answers out quickly enough. So, this
tends to suggest there probably isn't a DNS performance problem that
needs fixing.

What makes you think you're getting 600 "connections" and what are
these connections? Is the name server also doubling as a POP/SMTP/WWW
or whatever server? And is there anything in the system statistics -
process accounting, load average, etc - that suggests there is a
performance problem on the server? Bear in mind that when the system
is "busy", it will take longer to do things like fork off processes to
handle incoming POP/SMTP/WEB/whatever connections. This has no bearing
on DNS as such. Having said that, it's usually a good idea to put the
name server on a box that doesn't have to compete for RAM with other
processes and network applications. However, you've not provided any
information which indicates where or even if there is a performance
bottleneck. You say things are slow when the server is busy, but how
do you know that DNS is to blame and not something more obvious like
network bandwidth or a poor physical connection or an overly busy http
daemon?

PS When I last measured DNS performance on a Pentium, ~500us elapsed
between the query arriving at the name server and an answer from its
cache going back out. So 600 queries/second shouldn't trouble your
hardware unless it has other services to support. And a name server
that gets that sort of query rate is usually only found at big ISPs.
If you are getting hit with that query rate - the numbers in the name
server logs say otherwise - then it would be an idea to split the load
of serving requests between different servers. Unless you have many
thousands of customers, a query rate of 600/second is unusual: perhaps
one of them has a rogue resolver that's stuck in a tight loop?
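
The uptime and average query rate worked out in the reply above, as an added example that is not part of the original post: it parses the quoted XSTATS entry and derives the same figures. The function names are hypothetical, and reading RTCP as the count of requests that arrived over TCP is an assumption.

```python
import re

# XSTATS entry as quoted in the post (syslog line wrapping removed; the
# trailing "Feb" is the start of the next log line, kept as quoted).
XSTATS_LINE = (
    "Feb 21 20:34:34 ns1 named[51]: XSTATS 951194074 946445368 "
    "RR=10232852 RNXD=845429 RFwdR=7371000 RDupR=23317 "
    "RFail=71471 RFErr=0 RErr=6728 RAXFR=442 RLame=308062 ROpts=0 "
    "SSysQ=2226512 SAns=68991377 SFwdQ=6991547 SDupQ=3200035 "
    "SErr=50747 RQ=75840413 RIQ=8 RFwdQ=0 RDupQ=118004 RTCP=83485 "
    "SFwdR=7371000 SFail=13195 SFErr=0 SNaAns=16943464 "
    "SNXD=1719767Feb"
)


def parse_xstats(line):
    """Return (log_time, boot_time, counters) from one XSTATS log entry."""
    m = re.search(r"XSTATS\s+(\d+)\s+(\d+)\s+(.*)", line, re.DOTALL)
    if m is None:
        raise ValueError("not an XSTATS entry")
    # NAME=digits pairs; anything glued on after the digits is ignored.
    counters = {k: int(v) for k, v in re.findall(r"([A-Za-z]+)=(\d+)", m.group(3))}
    return int(m.group(1)), int(m.group(2)), counters


def summarize(line):
    """Derive uptime, average query rate and TCP share from an XSTATS entry."""
    log_time, boot_time, c = parse_xstats(line)
    uptime = log_time - boot_time
    if uptime <= 0:
        raise ValueError("log time is not after boot time")
    if "RQ" not in c:
        raise ValueError("RQ counter missing")
    return {
        "uptime_seconds": uptime,
        "avg_queries_per_second": c["RQ"] / uptime,
        # Assumption: RTCP counts requests that arrived over TCP.
        "tcp_share_of_queries": c.get("RTCP", 0) / c["RQ"] if c["RQ"] else 0.0,
    }


if __name__ == "__main__":
    for name, value in summarize(XSTATS_LINE).items():
        print(f"{name}: {value}")
```

These are averages over the whole uptime, so a short peak will not show in them; comparing two XSTATS entries taken a few minutes apart gives the rate for that interval.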


