no more recursive clients: quota reached
John Wobus
jw354 at cornell.edu
Fri Aug 28 17:10:39 UTC 2009
On Aug 28, 2009, at 8:59 AM, Dave Sparro wrote:
> On Thu, Aug 27, 2009 at 12:17 PM, Niall
> O'Reilly<Niall.oReilly at ucd.ie> wrote:
>> Lisa Casey wrote:
>>
>>> Aug 26 12:48:56 netlink named[295]: client 207.191.185.6#60614: no
>>> more
>>> recursiv
>>> e clients: quota reached
>>
>>> Any ideas on how I should go about solving/fixing this?
>>
>> I'ld suggest you check your connectivity and routing.
>>
>> We see this behaviour occasionally, but only ever as a
>> consequence of a back-hoe incident or similar catastrophe
>> which
>> isolates one of our campuses where there is a local resolving
>> server.
>>
>
> Although it may not be a problem on your end of the network. You
> could be seeing a spike in DNS queries because somebody really, really
> wants to talk to a remote location that is having problems.
>
> DNStop may be able to help you pinpoint what DNS queries are giving
> you problems:
> http://dns.measurement-factory.com/tools/dnstop/
>
> Run it on the DNS server to see if there are any queries that you are
> seeing get repeated continuously.
>
> --
> Dave
I concur. 1000 is a lot of simultaneous queries. Perhaps your site
is busy enough to generate that many "legitimate" queries, but
hitting that 1000 mark can also be a symptom of something slowing or
black-holing queries. When I've seen "quota reached" logging,
typically further investigation reveals that there were network
connectivity
issues at the time.
Your example of 564/1000, if that's typical suggests that perhaps you
truly do have enough
normal queries to top out occasionally. On the other hand, if you
usually see fewer than
100, but it occasionally shoots to 1000, that could be a specific app
doing something
(e.g., monthly web access log analysis), but could also be network
issues.
(In some cases, it might be useful to set up a separate nameserver
dedicated to the
demanding app.)
The age of the queries can also be revealing.
John
More information about the bind-users
mailing list