Bind 9 / Bind 8 / NOTIFY updates and system load

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Tue Dec 23 00:40:18 UTC 2003


Brath, Shane <shane.brath at tdstelecom.com> wrote:
> Bind Users:

> I am having several problems with my Bind Infrastructure lately and I want
> some advice:

> 2 major issues in summary: 

> 	1: memory grows to exceed system available, when I put some memory
> size limits on the process crashed when it reached the size instead of
> clearing out memory.

> 	2: I have about 9000 domains, and have a hierarchical setup, and
> NOTIFY updates are taking sometimes 2-3 hours to be honored by slaves.


> Details:
> 	Platform: Solaris 8 and 9.
> 	Software: Resolvers for internal services ( Mail servers ) Bind 9
> (latest)
> 		Master xfer host is running Bind 9 latest.
> 		Resolvers for external customer ( Dialup ) Bind 8 ( want to
> move to 9 )
> 	Setup: All zone data is in a database and is extracted to zone files
> on a xfer master box, all this Bind 9 box does is send Notifies that a zone
> has changed, and it serves up the files to the slaves. This xfer box does
> not allow recursive, and is strictly for updating the slaves. 


> 	Problem 1: I have tried tuning down the datasize to 400m, but
> eventually the server crashes.
> 			Can someone give me a breakdown on recommended
> settings for a Bind 9 
> 			server where there are on average several hundred q
> per s, as in a nameserver
> 			for an Email Cluster? If I remove the 400m
> requirement the server will remain stable for 
> 			about 2 weeks and then just start loosing domains.


> 	Problem 2: Slaves are taking almost 2 hours to actually do a
> transfer of a Notify, is this caused by load? Some config entry? I have the
> parallel number of axfr's allowed set to over 100, there are about 12 slave
> servers all pulling primary zones from one master server. I see the NOTIFY
> go out, and then I watch for how long the slaves take to honor it. Sometimes
> it has taken until midnight, over 6-8 hours from when the change was made?
> Should it take this long.

> I can provide more detail on the above two problems if you let me know
> specifically what you want to know.


> Thanks in advance..


> Shane Brath

The answer is simple ( as regards for #1 ) buy more memory.

It is likley that your second problems will be cured by this too.







-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.


More information about the bind-users mailing list