Bind tcp connection

Alex Tang alextang at cms.hkcable.com
Thu Dec 22 07:40:37 UTC 2005 

one more information , the dns server is a cache server only


-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On Behalf Of Alex Tang
Sent: Thursday, December 22, 2005 12:48 PM
To: Barry Margolin; comp-protocols-dns-bind at isc.org
Subject: RE: Bind tcp connection
Importance: High


very happy, thx your help, thanks  very much

my last question is 
I found out a lot of idle connection from my dns server and i use lsof to check out those connections were generated by  the bind service. Therefore, i want to know why my bind generated a lot of idle connection ( should be tcp and above 250 idle connections)

TCP: IPv4
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q  State
-------------------- -------------------- ----- ------ ----- ------ -------

     *.*                  *.*                0      0 24576      0 IDLE
      *.*                  *.*                0      0 24576      0 IDLE
      *.*                  *.*                0      0 24576      0 IDLE
      *.*                  *.*                0      0 24576      0 IDLE
      *.*                  *.*                0      0 24576      0 IDLE
      *.*                  *.*                0      0 24576      0 IDLE

some event was found in the dns log, 
1. I have a lot of connection time out from a server , over 100

30-Nov-2005 21:07:52.600 default: info: stream_getlen([64.202.167.50].53): Connection timed out
30-Nov-2005 21:07:59.878 default: info: stream_getlen([64.202.167.50].53): Connection timed out
30-Nov-2005 21:08:00.832 default: info: stream_getlen([64.202.165.4].53): Connection timed out
30-Nov-2005 21:08:05.069 default: info: stream_getlen([64.202.167.50].53): Connection timed out
30-Nov-2005 21:08:11.268 default: info: stream_getlen([64.202.167.50].53): Connection timed out
30-Nov-2005 21:08:13.280 default: info: stream_getlen([64.202.167.50].53): Connection timed out
30-Nov-2005 21:08:16.203 default: info: stream_getlen([64.202.167.50].53): Connection timed out

2. the log show out  too many open file (continue)

30-Nov-2005 21:44:57.008 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:57.008 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:57.008 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:57.012 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:57.016 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:57.350 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:57.350 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:44:59.004 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files
30-Nov-2005 21:45:00.005 default: notice: fcntl(fd, F_DUPFD, 20): Too many open files

The problem is fixed after i kill the bind service and start again (kill -HUP cannot fix it)

I want to know how to cause the problem and try to prevent it.
I think that is a dns query problem
I am checking why sometimes the dns server make a lot of tcp connection in my dns server, sometimes tcp from 

mydns server : high port --- other dnsserver: 53

thx  very much

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On Behalf Of Barry Margolin
Sent: Thursday, December 22, 2005 12:27 PM
To: comp-protocols-dns-bind at isc.org
Subject: Re: Bind tcp connection


In article <dod5ao$s4u$1 at sf1.isc.org>,
 "Alex Tang" <alextang at cms.hkcable.com> wrote:

> Hi All
> 
> 
> Any one know that when clients use TCP to query dns server ? How can I 
> simulate it ? If the client use tcp query the dns server, will the server use 
> tcp to query other dns server ? and how many tcp connection to make with 
> other dns server. For example, if the dns server make a lot of dns connection 
> to other dns server , why  ?

Most clients (unless the client and server support the EDNS0 extensions) 
will switch to TCP when the response is larger than 500 bytes.  You can 
make this happen by creating a DNS entry with lots of PTR records that 
can't be merged with DNS compression:

a PTR 123456789012345678901234567890.123456789012345678901234567890.a
  PTR 123456789012345678901234567890.123456789012345678901234567890.b
  PTR 123456789012345678901234567890.123456789012345678901234567890.c
  PTR 123456789012345678901234567890.123456789012345678901234567890.d
  PTR 123456789012345678901234567890.123456789012345678901234567890.e
  PTR 123456789012345678901234567890.123456789012345678901234567890.f
  PTR 123456789012345678901234567890.123456789012345678901234567890.g
  PTR 123456789012345678901234567890.123456789012345678901234567890.h
  PTR 123456789012345678901234567890.123456789012345678901234567890.i

Doing "dig a.yourdomain.com ptr +bufsize=500" should then result in a 
switch to TCP.

I've also heard that Microsoft Exchange always uses TCP when it does its 
MX lookups.  I don't know why, it's just one of those mysterious 
Microsoft Windows things.

I don't think a client using TCP will force the server to use TCP.

I don't understand your last question.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list