File descriptors
Todd
canadaboy at gmail.com
Wed Feb 25 21:43:45 UTC 2009
I've done some more digging today - I have found a couple 9.2.4
servers that had the same file descriptors problem at the same time as
the 9.4.2-p2 servers.
Feb 24 13:28:48 dns01 named[29292]: socket: too many open file descriptors
Both servers named processes seem to have 2048 FD's available:
# grep FDSize /proc/29292/status
FDSize: 2048
So it would seem that 9.2.4 also has a problem. We will still look to
upgrade these, but I wanted comment in case anyone else was having
problems and searching.
Cheers,
t.
On Tue, Feb 24, 2009 at 11:01 PM, JINMEI Tatuya / 神明達哉
<Jinmei_Tatuya at isc.org> wrote:
> At Tue, 24 Feb 2009 15:10:36 -0500,
> Todd <canadaboy at gmail.com> wrote:
>
>> The servers in question are running a mix of BIND versions .. 9.2.3,
>> 9.2.4, 9.3.2, 9.3.4, 9.4.1, 9.4.2-p2, the majority are 9.3.4 and
>> 9.4.2-P2
>
> Then are confused somehow. Among above, the only version that could
> cause the "too many open file descriptors" problem is 9.4.2-P2 (this
> doesn't mean you can safely use the others; they are vulnerable to the
> so-called 'Kaminsky' caching poisoning attacks).
>
> Regarding 9.4.2-P2, I'd strongly recommend to upgrade to 9.4.3-P1.
> 9.4.2-P2 has a fundamental performance problem due to the use of
> inefficient socket API, which has been solved in 9.4.3 and onward.
> If you still have the same problem with 9.4.3-P1, please report it
> again.
>
> ---
> JINMEI, Tatuya
> Internet Systems Consortium, Inc.
>
More information about the bind-users
mailing list