Need to improve named performance

Ed LaFrance edl at connexinternet.com
Sun Nov 11 01:53:02 UTC 2012


Hello Alan -

It's also worth noting that, since I have more IPs on the box than the 
ones that are designated as nameservers, and since I have dns listening 
on all addresses, I can query named using one of the non-nameserver IPs 
- and it works fine! For instance:

nslookup x.x.x.29 y.y.y.114
Server:         y.y.y.114
Address:        y.y.y.114#53

29.x.x.x.in-addr.arpa      name = foo.bar.net.

The problem is that the UDP receive queue is flooded for the two IPs 
that correspond to the two nameservers on this box. I.e.

ns2.mydomain.net = y.y.y.115

nslookup x.x.x.29 y.y.y.115
;; connection timed out; no servers could be reached

but since y.y.y.112/29 is on this box, you can query:

nslookup x.x.x.29 y.y.y.116
Server:         y.y.y.116
Address:        y.y.y.116#53

29.x.x.x.in-addr.arpa      name = foo-bar.net.

[cololine at ns3 ~]$ nslookup x.x.x.29 y.y.y.117
Server:         y.y.y.117
Address:        y.y.y.117#53

29.x.x.x.in-addr.arpa      name = foo.bar.net.

...etc.

What I need, hope for, want, is someone to tell me how to fix up named 
and/or UDP on this box so it can keep up with requests that are 
happening on the nameserver IPs, as clearly the server can do what it 
needs to do if I can get past this brokenness.

Thanks,

Ed

On 11/10/2012 3:46 PM, Alan Clegg wrote:
>
> On Nov 10, 2012, at 1:39 PM, Ed LaFrance <edl at connexinternet.com> wrote:
>
>> When I check the router above this server I'll see 200 - 500 legitimate connections to this server at any given time.
>
> Having sent my snarky "update" e-mail, I now ask... you say later in the mail that you are doing about 20 queries per second (which I agree should be handled by any hardware with more oomph than a Z-80).
>
> I'm curious as to what these "200-500 legitimate connections" are.  Are they TCP?  If so, are you seeing lots of TCP connections hanging around?  Do you have some firewall in the midst of this that might be messing around with TCP connections?
>
> If you do a "rndc recursing", what do you get?
>
> If you are only doing 20-30 transactions per second, the stats on the UDP counts would have taken a long time to get there... something doesn't add up.
>
> AlanC

-- 
(800) 362-7579 ext 1

+-------------------------------------------------------+
+ Colocation    Dedicated Servers   IPv4 & IPv6 Transit +
+-------------------------------------------------------+
Connex Internet Services, Inc.     direct: (916) 265-1568
11230 Gold Express Dr #310-313        fax: (916) 880-5663
Gold River, CA 95670            http://connexinternet.com
+-------------------------------------------------------+
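
Added example, not part of the original messages: one way to check the per-address UDP receive backlog described above by parsing Linux's /proc/net/udp for sockets bound to port 53. It assumes a little-endian Linux host; the sample rows are constructed, 192.0.2.x stands in for the masked y.y.y.x addresses, and the 64 KiB threshold and function names are arbitrary choices for illustration.

```python
import socket
import struct

# Constructed sample in the layout of Linux /proc/net/udp (not data from the
# thread). 192.0.2.x stands in for the masked y.y.y.x addresses.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  10: 730200C0:0035 00000000:0000 07 00000000:0003F000 00:00000000 00000000    25        0 11111 2 0000000000000000 48211
  11: 740200C0:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000    25        0 11112 2 0000000000000000 0
  12: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000    25        0 11113 2 0000000000000000 0
  13: 730200C0:007B 00000000:0000 07 00000000:00040000 00:00000000 00000000    38        0 11114 2 0000000000000000 9
"""

def decode_addr(hex_addr):
    """'730200C0:0035' -> ('192.0.2.115', 53); assumes a little-endian host."""
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def udp_backlog(text, port=53):
    """Return rx_queue bytes and drop count for each UDP socket bound to port."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 12:
            continue
        ip, p = decode_addr(f[1])
        if p != port:
            continue
        rx_queue = int(f[4].split(":")[1], 16)  # field is tx_queue:rx_queue in hex
        drops = int(f[12]) if len(f) > 12 else None  # column absent on older kernels
        rows.append({"addr": ip, "rx_queue": rx_queue, "drops": drops})
    return rows

def backlogged(rows, rx_threshold=65536):
    """Addresses whose queue holds >= rx_threshold bytes or that dropped datagrams."""
    return [r["addr"] for r in rows
            if r["rx_queue"] >= rx_threshold or (r["drops"] or 0) > 0]

if __name__ == "__main__":
    try:
        with open("/proc/net/udp") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE                            # fall back to the constructed rows
    for row in udp_backlog(text):
        print(row)
```

A socket bound to the wildcard address appears as a single 0.0.0.0:53 row, so a per-address comparison like this only applies when the server has one socket per listening address.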