TCP queries fail - BIND 9.5.0 Windows Server 2003

Vinny Abello vinny at tellurian.com
Mon Jul 21 03:32:45 UTC 2008 

I can confirm these findings as well. This is definitely what's happening in the newer BIND code base on Windows. 9.4.2 is the only stable option at the moment (despite the vulnerability) unless you keep cycling the service.

I don't have 9.5.0 running at the moment, but if handles are leaking, often times you can narrow down what handles are opened by using the handles.exe program from Sysinternals, now Microsoft:

http://technet.microsoft.com/en-us/sysinternals/bb896655.aspx

Try running that and keeping it narrowed to the PID or named.exe process to see what handles are opened and maybe this can be narrowed down.

Additionally, another tool that may help is process explorer, also from Sysinternals/Microsoft:

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Using one or both of these tools on a misbehaving system with a handle leak, should enable us to find out what's happening, and hopefully help ISC to get it fixed.

Let us know what you find. I'm very interested as I'd like to be able to run BIND 9.5.x on Windows and have IPv6 support.

-Vinny

> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Jukka Pakkanen
> Sent: Friday, July 18, 2008 11:13 AM
> To: bind-users at isc.org
> Subject: Re: TCP queries fail - BIND 9.5.0 Windows Server 2003
>
> Have tested some more different versions for Windows:
>
> 9.4.2 used to run this without any problems, and perhaps the best
> option at
> the moment even vulnerable to the spoofing attack. Typically our
> servers
> used about 40-50M RAM
>
> 9.4.2p1 leaks memory and crashes after few hours (even plenty of free
> RAM
> left). Named process is still on and responds to windows task manager,
> but
> no reply to DNS queries.
>
> 9.5.0 leaks memory & handles, takes 2-3 days and the server runs out of
> memory and named stops responding. Named process still keeps running
> though.
> Restarting the named process "fixes" the problem till 2-3 days again.
>
> 9.5.0p1 leaks memory and crashes after few hours (even plenty of free
> RAM
> left). Named process is still on and responds to windows task manager,
> but
> no reply to DNS queries.
>
> 9.5.1b1 leaks memory & handles, takes 2-3 days and the server runs out
> of
> memory and named stops responding. Named process still keeps running
> though.
> Restarting the named process "fixes" the problem till 2-3 days again.
>
> Currently running the 9.5.1b1 and restarting the service every day in
> every
> server....
>
> Jukka
>

More information about the bind-users mailing list