Problem with Secondary systems with many zones

Mark Andrews Mark_Andrews at isc.org
Tue Dec 14 21:46:59 UTC 2004


> Quoting Sebastian Castro Avila <secastro at nic.cl>:
> >
> > Only to give you a number, we handle 43K zones using BIND 9.
> > Probably the zone number is not the problem. Maybe you should tune some
> > parameters of the config file to handle the large number of zone
> > transfers, for example.
> >
> 
> Here is the config... Any suggestions?
> 
> options {
>         version "The best version... What do you expect.";
>         directory "/var/named";
>         pid-file "/var/named/named.pid";
>         recursion no;
>         allow-query { any; };
>         allow-transfer { "secdns";};
>         // These people are banned from everything
>         blackhole { none; };
>         provide-ixfr yes;
>         request-ixfr yes;
>         transfers-per-ns 1000;
>         transfers-out 2000;
> };

	Well, since this is a "slave" I would have "notify no;" in
	the options to avoid having to put it in every zone.  You can
	override at the zone level for those zones that need to send
	NOTIFY messages.

	I'd raise the serial-query-rate to ensure that it was high
	enough to allow all the zones to actually emit their refresh
	queries in the average refresh interval allowing for some
	retries.

	I'd be making sure the server wasn't swapping.
	
	I'd be looking at the packet traces to see what is happening
	at startup.  To make seeing what named is generating and
	the replies easier I would force the source ports to 7000,
	7001, and 7002 for query-source, notify-source and
	transfer-source respectively.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
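
The suggestions in the reply above, written out as a named.conf fragment. This is an added example, not configuration from the thread: the serial-query-rate value, the zone count and refresh interval used to size it, and the zone name and master address are assumptions made for illustration.

```conf
options {
        directory "/var/named";
        recursion no;

        // Slave server: do not send NOTIFY by default, so the setting
        // does not have to be repeated in every zone statement.
        notify no;

        // Rate of SOA refresh queries sent per second (BIND 9 default: 20).
        // Sizing with constructed numbers: 40000 zones refreshed every
        // 3600 s is about 11 queries/s; allowing two retries per zone
        // gives about 33/s, so 50 leaves headroom. Assumed value.
        serial-query-rate 50;

        // Temporary, for packet tracing only: pin the source ports so the
        // three kinds of traffic named generates can be told apart in a
        // capture. Remove these once the trace has been taken, so that
        // named returns to choosing its own source ports.
        query-source    address * port 7000;   // ordinary queries
        notify-source   * port 7001;           // outgoing NOTIFY messages
        transfer-source * port 7002;           // SOA refresh queries
};

// Per-zone override for a zone that does need to send NOTIFY.
// Zone name and master address are placeholders.
zone "example.com" {
        type slave;
        file "slave/example.com.db";
        masters { 192.0.2.1; };
        notify yes;
};
```

With the ports pinned, a capture filtered on UDP ports 7000, 7001 and 7002 at startup shows which of the three kinds of traffic is being sent and which is going unanswered.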
