no more recursive clients: quota reached

John Wobus jw354 at cornell.edu
Fri Aug 28 17:10:39 UTC 2009


On Aug 28, 2009, at 8:59 AM, Dave Sparro wrote:

> On Thu, Aug 27, 2009 at 12:17 PM, Niall  
> O'Reilly<Niall.oReilly at ucd.ie> wrote:
>> Lisa Casey wrote:
>>
>>> Aug 26 12:48:56 netlink named[295]: client 207.191.185.6#60614: no  
>>> more
>>> recursiv
>>> e clients: quota reached
>>
>>> Any ideas on how I should go about solving/fixing this?
>>
>>        I'ld suggest you check your connectivity and routing.
>>
>>        We see this behaviour occasionally, but only ever as a
>>        consequence of a back-hoe incident or similar catastrophe  
>> which
>>        isolates one of our campuses where there is a local resolving
>>        server.
>>
>
> Although it may not be a problem on your end of the network.  You
> could be seeing a spike in DNS queries because somebody really, really
> wants to talk to a remote location that is having problems.
>
> DNStop may be able to help you pinpoint what DNS queries are giving
> you problems:
> http://dns.measurement-factory.com/tools/dnstop/
>
> Run it on the DNS server to see if there are any queries that you are
> seeing get repeated continuously.
>
> -- 
> Dave

I concur.  1000 is a lot of simultaneous queries.  Perhaps your site
is busy enough to generate that many "legitimate" queries, but
hitting that 1000 mark can also be a symptom of something slowing or
black-holing queries.  When I've seen "quota reached" logging,
typically further investigation reveals that there were network  
connectivity
issues at the time.

Your example of 564/1000, if that's typical suggests that perhaps you  
truly do have enough
normal queries to top out occasionally.  On the other hand, if you  
usually see fewer than
100, but it occasionally shoots to 1000, that could be a specific app  
doing something
(e.g., monthly web access log analysis), but could also be network  
issues.
(In some cases, it might be useful to set up a separate nameserver  
dedicated to the
demanding app.)

The age of the queries can also be revealing.

John



More information about the bind-users mailing list