Bind 9 / Bind 8 / NOTIFY updates and system load

Brath, Shane shane.brath at tdstelecom.com
Tue Dec 23 05:41:01 UTC 2003


Good response, my comments below.

> 	Problem 1: I have tried tuning down the datasize to 400m, but
> eventually the server crashes. 

>>I see I am using the wrong control to limit size, but what would you
expect as a good layout of size usage? I have say 2 gig ram, should I have
1Gig for Recursive? How much for the other parts of BIND, Core, etc.?
I want to separate the auth and caching roles, but on the mail server DNS
servers, if I separate them then my own servers are subject to the same
TTLs as the rest of the internet. Customers expect their email to work
locally right away. Should I just tell them that it will work here when it
works everywhere else?


	+ You should also separate the authoritative and caching roles. (
Note: For the most part I have this, but several legacy servers have dual
roles :(  )

> 	Problem 2: Slaves are taking almost 2 hours to actually do a
> transfer of a Notify, is this caused by load? Some config entry? I have the
> parallel number of axfr's allowed set to over 100, there are about 12 slave
> servers all pulling primary zones from one master server. I see the NOTIFY
> go out, and then I watch for how long the slaves take to honor it. Sometimes
> it has taken until midnight, over 6-8 hours from when the change was made?
> Should it take this long.

>> I did have notify no; set on the slaves, how can I fake a NOTIFY to a
slave to check how long it takes to respond?

	Turn off notify on the slave zones unless they are a master for
	another server.

	Notifies and refresh queries are rate limited via a single queue,
	serial-query-rate (default 10).  There are 108000 notifies sent out
	at startup with the configuration you have.

	-- So is serial-query-rate a config on the client or the server? It
looks like the server. But if out of my 9000 domains only 20 change when I
do a rndc reconfig of the master xfer box, it should only send out 20
NOTIFYs, right?  If I have "transfers-per-ns" set to 100, shouldn't I be
able to cope with 100 changes at a time? Per name server slave?

Shane.
 

