Q on clients-per-query, max-clients-per-query
Mark Andrews
marka at isc.org
Thu Mar 24 20:11:32 UTC 2011
In message <688460.82562.qm at web121414.mail.ne1.yahoo.com>, Fr34k writes:
> ----- Original Message ----
>
> > From: Mark Andrews
> > To: Fr34k
> > Cc: Bindlist
> > Sent: Wed, March 23, 2011 9:04:00 PM
> > Subject: Re: Q on clients-per-query, max-clients-per-query
> >
> >
> > In message <>, Fr34k writes:
> > > Hello,
> > >
> > > # The ARM says: #
> > > clients-per-query, max-clients-per-query
> > > These set the initial value (minimum) and maximum number of recursive
> > > simultaneous clients for any given query (<qname,qtype,qclass>) that the
>
> >serv
> > > er
> > > will accept before dropping additional clients. named will attempt to se
> lf
> >tu
> > > ne
> > > this value and changes will be logged. The default values are 10 and 10
> 0.
> > > If clients-per-query is set to zero, then there is no limit on the numbe
> r of
> >
> > > clients per query and no queries will be dropped. If max-clients-per-qu
> ery
> >i
> > > s
> > > set to zero, then there is no upper bound other than imposed by
> > > recursive-clients.
> > >
> > >
> > > # Consider that I have: #
> > > clients-per-query 10 ; max-clients-per-query 20 ;
> > >
> > >
> > > # What I think this means in hypothetical situations: #
> > > 1. If I have 100 customer Windows machines requesting A record(s) for
> > > non-responsive-domain.com, then my caching server will only recurs the f
> irst
> >
> > > 20
> > > of such requests and drop the other 80. Is this correct, or what is the
>
> >like
> > > ly
> > > process?
> > >
> > > 2. If I have 100 customer Windows machines requesting A record(s) for
> > > very-slow-to-respond.com, then my caching server will only recurs the f
> irst
> >
> > > 20
> > > of such requests and drop the other 80. Is this correct, or what is the
>
> >like
> > > ly
> > > process?
> > >
> > > Let's say the name servers authoritative for this domain finally respond
> ,
> >the
> > > n
> > > my bind server will respond to the 20 queries.
> > > Is this correct, or what is the likely process?
> > >
> > > Now that I have the A record for www.very-slow-to-respond.com in cache (
> say
> >T
> > > TL
> > > is 24h) and it is likely that the 80 unsatisfied customer Windows machin
> es
> >wi
> > > ll
> > > make another query attempt and, because I have this cached, finally get
> a
> > > response.
> > > Is this correct, or what is the likely process?
> > >
> > > It won't hurt my feeling if someone rather provide a better example that
> may
> >
> > > demonstrate how these settings work.
> >
> > You have a empty cache. You get a query for google.com. You send
> > a query to the root servers for google.com. Another query for
> > google.com comes in. You add it to the existing query for google.com.
> > You get the answer back from the root servers. You ask the com
> > servers for google.com. You get another 3 query for google.com,
> > you add these to the original query. You get a response from the
> > com servers. You ask the google.com servers for google.com. You
> > get more queries for google.com. You get a answer back from the
> > google.com servers and you send the answers back to all the clients
> > that asked you for google.com. Future queries for google.com will
> > be answered from the cache until the record expires.
> >
> > Now if more than 10 clients ask you for google.com while this is
> > happening you will just drop the new clients (they should retry).
> > Named will remember that it dropped clients and as it got a answer
> > it will increase the number of clients that it serve for the next
> > query. It's a little more complicted than this but this will do
> > for this explaination. This lets named adjust to the normal query
> > rate and how far it is from the usual nameservers it talks to round
> > trip wise. This normally take less than a second.
> >
> > Now lets say the servers for a zone are unreachable. Named will
> > only queue up 10 clients before it starts dropping them. This stops
> > the recursive client slots all being taken on queries talking to
> > these servers.
> >
> > Similar a flash crowd of queries for the same name will be mostly
> > dropped until the answer is received.
>
> So, does BIND behave the same whether it is a single PC making 100 queries fo
> r
> the same record compared to 555 PCs making queries for the same record?
> That is, how does BIND treat "clients-per-query, max-clients-per-query"
> differently based upon the query requesters' IP address(es)?
>
> (I want to assume I know the answer, but I have an interesting network event
> and
> I want to be able to understand/communicate the snoop logs we captured)
>
> I'm using 9.7.2-P2, if version is significant.
>
> Thank you.
Named uses the source address, source port and query id to find
duplicate queries. Duplicate queries are dropped before the
clients-per-query code.
A client is not a machine. It is a process/task on a machine.
The code to find the existing query can fail to find it in the
version of named you are running. This is fixed in 9.6.3, 9.7.3
and 9.8.0.
3009. [bug] clients-per-query code didn't work as expected with
particular query patterns. [RT #22972]
Mark
> > Mark
> >
> > > Thank you.
> > >
> > > _______________________________________________
> > > bind-users mailing list
> > > bind-users at lists.isc.org
> > > https://lists.isc.org/mailman/listinfo/bind-users
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742 INTERNET:
> >
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list