Internet DNS forwarders causing Intranet DNS servers to be unresponsive?

peter h tsar.peter at gmail.com
Wed Apr 27 10:22:05 UTC 2005 

"paulette mudrey" <paulette_mudrey at hotmail.com> wrote in message news:<d4lig2$13o6$1 at sf1.isc.org>...
> We have 2 intranet DNS servers that point to our 2 internet DNS servers as 
> forwarders and we have noticed that if we have problems with our Internet 
> connection that the intranet DNS servers are unresponsive.  In one case we 
> got the following errors and had to restart named:
> 
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 172.17.100.9#53: 
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 
> 172.17.133.5#10001: no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 
> 10.0.227.214#1829: no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 10.0.165.55#1737: 
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 
> 172.16.1.31#36332: no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 172.31.101.16#53: 
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 
> 172.17.133.5#10001: no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.1.87.157#3486: 
> no more recursive clients: out of memory
> Apr 21 14:12:14 hpadm1 /usr/local/sbin/named[1033]: client 172.17.100.9#53: 
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.1.86.149#1031: 
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.0.168.30#2617: 
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.0.75.37#1030: 
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 172.31.101.16#53: 
> no more recursive clients: out of memory
> Apr 21 14:12:15 hpadm1 /usr/local/sbin/named[1033]: client 10.1.87.96#4206: 
> no more recursive clients: out of memory
> Apr 21 14:39:43 hpadm1 /usr/local/sbin/named[1033]: mem.c:1540: 
> INSIST(mpctx->allocated > 0) failed
> 
> In another case the intranet DNS servers would not even reply to internal 
> DNS queries or for anything in it's cache.  I read in the "DNS and BIND"  
> book (fourth edition - p. 334 Single point of failure) that this should not 
> be the case and that they should reply to anything they have in their cache 
> or that they are authoritative for.  Could they just be too busy trying to 
> reply to internet DNS queries that are taking longer than usual?  Is there a 
> better way to set this up??
> 
> We are running BIND 9.1.3 on HPUX 11.0.
> 
> Paulette

You seem to be out-of-memory for your bind. In addition bind-9.1.3 
is historic, upgrade !

With a recent bind-9 you should be able to raise your "recursive-client" 
in the 'options' section of your configuration.



Regards
> 
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE! 
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

More information about the bind-users mailing list