bind server fail!

Kevin Darcy kcd at daimlerchrysler.com
Thu Jul 27 22:31:50 UTC 2006


shen Jason wrote:
> My DNS server uses BIND 9.3.2. Recently the DNS server has been failing. I ran
> rndc status, and the following appeared:
> recursive clients: 35251/80000, but when the DNS server runs well, recursive
> clients: 6501/80000. When the DNS server failed, resolving local zones was OK,
> but resolving outside zones gave server-fail. First, my server has 32G RAM,
> CPU idle is 80%, and RAM use is 13%, so the server resources are enough. But
> why, I don't know. I wish somebody could help me; it would be so lucky.
>
> it is my named.conf below:
>         allow-transfer { none; };
>         notify no;
>         recursion yes;
>         recursive-clients 80000;
>         query-source address * port 53;
>         tcp-clients 1000;
>         max-cache-ttl 43200;
>         cleaning-interval 120;
>         datasize unlimited;
>         listen-on-v6  { none; };
>         auth-nxdomain   no;
>   
The symptoms you describe would be exactly what I'd expect if you lost
your Internet connectivity. In that case, your nameserver would start
"thrashing", trying to get answers from Internet nameservers, the number
of active recursive requests in your queue would go up (as you
describe), and so would your CPU and memory usage. Next time this
happens, I'd do a few queries of Internet names from the command-line of
the machine (e.g. with "dig") to see if they are working or not.

The reason this didn't affect your "local zones" (by this I assume you
mean zones for which you are defined as master or slave) is because it
is not necessary to talk to Internet nameservers in order to resolve those.

- Kevin

P.S. Don't set your query-source port to 53 unless there is some
specific reason to do so.
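
The check suggested in the reply above, as an added example that is not part of the original thread: it reads the recursive-clients counter from `rndc status` and uses `dig` to test one local and one outside name through the server. The resolver address, both test names, the 25% threshold and the function names are assumptions; the sample status text is constructed around the counter line quoted in the post.

```shell
#!/bin/sh
# Added example (not from the thread). Names and threshold are assumptions.
RESOLVER=${RESOLVER:-127.0.0.1}                # the BIND server under test
LOCAL_NAME=${LOCAL_NAME:-host.local.example}   # placeholder: a name in one of your own zones
OUTSIDE_NAME=${OUTSIDE_NAME:-example.com}      # any Internet name
WARN_PCT=${WARN_PCT:-25}                       # assumed alert threshold, percent of quota

# Constructed sample of `rndc status` output; the counter line is the one quoted in the post.
SAMPLE_STATUS='number of zones: 12
recursive clients: 35251/80000
server is up and running'

# stdin: rndc status output -> "used max" (the last field is the hard limit)
recursive_clients() {
    awk -F'[ /]' '/^recursive clients:/ { print $3, $NF }'
}

# Integer percentage of the recursive-clients quota in use.
quota_pct() { echo $(( $1 * 100 / $2 )); }

# True when server $1 answers name $2 with NOERROR within 2 seconds.
resolves() {
    dig +time=2 +tries=1 @"$1" "$2" A 2>/dev/null | grep -q 'status: NOERROR'
}

# $1 = quota percent, $2 = local name resolves (1/0), $3 = outside name resolves (1/0)
diagnose() {
    if   [ "$2" -eq 0 ]; then echo "named-unhealthy"
    elif [ "$3" -eq 0 ]; then echo "upstream-unreachable"
    elif [ "$1" -ge "$WARN_PCT" ]; then echo "queue-high"
    else echo "ok"
    fi
}

check_once() {
    set -- $(rndc status | recursive_clients)
    [ $# -eq 2 ] || { echo "could not read rndc status" >&2; return 1; }
    pct=$(quota_pct "$1" "$2"); l=0; o=0
    if resolves "$RESOLVER" "$LOCAL_NAME"; then l=1; fi
    if resolves "$RESOLVER" "$OUTSIDE_NAME"; then o=1; fi
    echo "recursive clients $1/$2 (${pct}%): $(diagnose "$pct" "$l" "$o")"
}

# Query the live server only when asked: sh check.sh --run
if [ "${1:-}" = "--run" ]; then check_once; fi
```

Run from cron, a result of `upstream-unreachable` alongside a rising percentage matches the pattern described in the reply: local zones answer while queries that need Internet nameservers pile up.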



More information about the bind-users mailing list