Re: Performance Issue for bind-9.4.2-P2 at Linux

Bind Petras bind at inbox.lt
Mon Sep 22 17:52:02 UTC 2008 

I have the same problem, since there is no reply from BroBind, I'll post answers about my system:
- OS kernel version
The problem is noticed on systems running openSUSE 10.1 with kernels 2.6.16.21.-0.13-smp and 
2.6.16.27-0.9-smp

- you named configuration (named.conf)

acl LOCAL { 127.0.0.0/8; 192.168.0.0/16; 172.16.0.0/12; };


options {
        pid-file "/var/run/named/named.pid";
        directory "/var/lib/named";

        dump-file "/var/log/named_dump.db";
        statistics-file "/var/log/named.stats";

        listen-on port 53 { 127.0.0.1; 192.168.3.20; };
        listen-on-v6 { none; };
        interface-interval 0;
        version "TTT";
        recursive-clients 50000;
        recursion yes;
        allow-recursion { LOCAL; };
        allow-query { LOCAL; };
        allow-query-cache { LOCAL; };
};

zone "." in {
        type hint;
        file "root.hint";
};

zone "localhost" in {
        type master;
        file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "127.0.0.zone";
};

- initial log messages when you start named with the same command-line
 options plus '-g'

# /usr/local/sbin/named  -g -n 4 -u named
22-Sep-2008 20:43:05.197 starting BIND 9.4.2-P2 -g -n 4 -u named
22-Sep-2008 20:43:05.197 found 4 CPUs, using 4 worker threads
22-Sep-2008 20:43:05.199 loading configuration from '/etc/named.conf'
22-Sep-2008 20:43:05.200 listening on IPv4 interface lo, 127.0.0.1#53
22-Sep-2008 20:43:05.201 binding TCP socket: address in use
22-Sep-2008 20:43:05.201 listening on IPv4 interface eth1, 192.168.3.20#53
22-Sep-2008 20:43:05.203 binding TCP socket: address in use
22-Sep-2008 20:43:05.247 automatic empty zone: 127.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 254.169.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 2.0.192.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: D.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 8.E.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: 9.E.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: A.E.F.IP6.ARPA
22-Sep-2008 20:43:05.247 automatic empty zone: B.E.F.IP6.ARPA
22-Sep-2008 20:43:05.256 couldn't add command channel 127.0.0.1#953: address in use
22-Sep-2008 20:43:05.256 couldn't add command channel ::1#953: address in use
22-Sep-2008 20:43:05.256 ignoring config file logging statement due to -g option
22-Sep-2008 20:43:05.256 zone 0.0.127.in-addr.arpa/IN: loading from master file 127.0.0.zone failed: 
file not found
22-Sep-2008 20:43:05.257 zone localhost/IN: loading from master file localhost.zone failed: file not 
found
22-Sep-2008 20:43:05.258 running
22-Sep-2008 20:43:07.195 checkhints: L.ROOT-SERVERS.NET/A (199.7.83.42) missing from hints
22-Sep-2008 20:43:07.195 checkhints: L.ROOT-SERVERS.NET/A (198.32.64.12) extra record in 
hints


- number of sockets named actually opens when you see the many
 SERVFAILs (use lsof for example to see this)

# lsof -n | grep -c named
11890


My configure options were :
 STD_CDEFINES="-DISC_SOCKET_FDSETSIZE384" ./configure --enable-threads


At Wed, 17 Sep 2008 18:12:51 +0800,
"BroBind BroBind" <brobind at gmail.com> wrote:

> We upgraded our Caching-Publishing DNS servers from bind-9.2 to
> bind-9.4.2-P2  at our 4 IBM x346 2 Core CPU 2.80GHz  RHEL4-U3 x86_64 and
> 16GB Mem.  But we had experienced problems w/ it with too many open files
> problem. We resolved it by increasing the FD_SETSIZE at
> /usr/include/bits/typesizes.h and defining the
> STD_CDEFINES="-DISC_SOCKET_FDSETSIZE at 96" during compilation. Here's our
> configure options:
>
> STD_CDEFINES="-DISC_SOCKET_FDSETSIZE at 96" ./configure
> --prefix=/var/bind/v9.4.2-P2
> --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu
> --target=x86_64-redhat-linux-gnu \
> --with-libtool --enable-threads --enable-ipv6 --with-pic --with-openssl=yes
> --enable-largefile \
> --disable-openssl-version-check
>
> Using iptraf, we're having total rates of around 20Mbps of traffic per
> server.  named.stats.txt showed that failure is very high and recursions
> compare w/ success. CPU utilization averages at 40-60 per server and memory
> rise to 20 to 50 % Utilization. We've seen many SERVFAIL from our tcpdumps
> going to legitimate domains and about 3-5 times dig to a domain before the
> queries became sucessful.

Please provide some more information:

- OS kernel version
- you named configuration (named.conf)
- initial log messages when you start named with the same command-line
 options plus '-g'
- number of sockets named actually opens when you see the many
 SERVFAILs (use lsof for example to see this)

---
JINMEI, Tatuya
Internet Systems Consortium, Inc.

Advertisement:

Lietuviams reikia dideles pasto dezutes.
Tikrai dideles.
INBOX.LT - 10 GB nemokamas pastas!

More information about the bind-users mailing list