Problem with bind 9.2.1 on a HPUX machine

Mark_Andrews at isc.org Mark_Andrews at isc.org
Wed Oct 9 06:26:36 UTC 2002 

> 
> Hello, 
> 
>   I am running a cache only named in one hpux A400 server with 256Mb memory. 
> The server is receiving about 300 requests per second. 
> 
>   Few days ago the number of requests increase and i started to have 
> problems with name resolution. The named still up and running and the cpu 
> very low(about 5%). The memory usage is also ok, but the bind stop to answer 
> user requests. After stop and start bind again the system work again for 
> some days but when it receive high load it stop resolving. This is happening 
> specially during the high load times. 

	Upgrade to 9.2.2rc1.

1245.   [bug]           Treat ENOBUFS, ENOMEM and ENFILE as soft errors for
                        accept().

> 
>   I was also getting a lot of "cache update denied messages in the log". 
> Then i start to send the security messages to "null" 
> 
> 30 12:59:43 resolve1 named[1074]: Sep 30 12:59:43.445security: info: client 
> 65.216.72.15#55555: query (cache) denied
> Sep 30 12:59:43 resolve1 named[1074]: Sep 30 12:59:43.811security: info: 
> client 200.163.200.57#15701: query (cache) denied
> Sep 30 12:59:46 resolve1 named[1074]: Sep 30 12:59:46.805security: info: 
> client 200.163.200.57#15701: query (cache) denied
> Sep 30 12:59:49 resolve1 named[1074]: Sep 30 12:59:49.813security: info: 
> client 200.163.200.57#15701: query (cache) denied
> Sep 30 12:59:52 resolve1 named[1074]: Sep 30 12:59:52.814security: info: 
> client 200.163.200.57#15701: query (cache) denied 
> 
> 
>   Anybody else notice the same problem with bind running on a HPUX machine? 
> Is there something wrong with my config's? 
> 
>   Any help whould be very appreciated. 
> 
> 
> root:resolve1>netstat -p udp
> udp:
>        0 incomplete headers
>        1319 bad checksums
>        98183 socket overflows
> root:resolve1> 
> 
> Oct  7 10:59:13 resolve1 named[12610]: starting BIND 9.2.1 -c 
> /etc/named.conf -u named -t /usr/local/bind/
> Oct  7 10:59:13 resolve1 named[12610]: using 1 CPU
> Oct  7 10:59:14 resolve1 named[12610]: loading configuration from 
> '/etc/named.conf'
> Oct  7 10:59:14 resolve1 named[12610]: no IPv6 interfaces found
> Oct  7 10:59:14 resolve1 named[12610]: listening on IPv4 interface lan0, 
> 200.175.5.139#53
> Oct  7 10:59:14 resolve1 named[12610]: could not listen on UDP socket: 
> address in use
> Oct  7 10:59:14 resolve1 named[12610]: creating IPv4 interface lan0 failed; 
> interface ignored
> Oct  7 10:59:14 resolve1 named[12610]: not listening on any interfaces
> Oct  7 10:59:14 resolve1 named[12610]: no source of entropy found
> Oct  7 10:59:14 resolve1 named[12610]: Oct 07 10:59:14.136general: info: 
> zone 0.0.127.in-addr.arpa/IN: loaded serial 2001011701
> Oct  7 10:59:14 resolve1 named[12610]: Oct 07 10:59:14.150general: info: 
> running
> Oct  7 11:02:34 resolve1 named[12603]: Oct 07 11:02:34.420general: info: 
> loading configuration from '/etc/named.conf'
> Oct  7 11:02:34 resolve1 named[12603]: Oct 07 11:02:34.424network: info: no 
> IPv6 interfaces found 
> 
> 
> #======================================================
> # named.conf for dbfiles directory.
> #
> # NOTE: Comments in this file begin with a # symbol.
> #
> # NOTE: Remember we're chrooted.  Don't break the paths
> #       below by forgetting that.
> #====================================================== 
> 
> # Resolvera nomes apenas para IPs do AS da GVT - Flavio.Negrao 15/12/00
> acl gvt_as { 200.175.0.0/18; 200.175.64.0/18; 200.175.128.0/18; }; 
> 
> controls { }; 
> 
> 
> logging {
>        channel named_info {
>                syslog;
>                print-category yes;
>                print-severity yes;
>                print-time yes;
>            }; 
> 
>        category client { named_info; };
>        category config { named_info; };
>        category default { named_info; };
>        category general { named_info; };
>        category notify { named_info; };
>        category network { named_info; };
>        category update { named_info; };
>        category queries { named_info; };
>        category xfer-in { named_info; };
>        category xfer-out { named_info; };
>        category security { null; };
>        category lame-servers { null; };
>        }; 
> 
> 
> options {
>        directory "/dbfiles";
>        pid-file "/dbfiles/internal.pid";
> 	auth-nxdomain no;
>        allow-query { gvt_as; };
>        listen-on { 200.175.5.139; };
> 	allow-recursion { gvt_as; };
> 	allow-transfer { none; };
> 	notify no;	 
> 
> 
>  	recursive-clients 25000;
>        max-cache-size unlimited;
>        max-ncache-ttl 172800; 
> 
> 
> }; 
> 
> 
> zone "0.0.127.in-addr.arpa" in {
>        type master;
>        file "db.127.0.0";
> }; 
> 
> zone "." in {
>        type hint;
>        file "db.cache";
> }; 
> 
>  
> 
>  
> 
> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list