Need to improve named performance
Ed LaFrance
edl at connexinternet.com
Sun Nov 11 01:53:02 UTC 2012
Hello Alan -

It's also worth noting that, since I have more IPs on the box than the
ones that are designated as nameservers, and since I have dns listening
on all addresses, I can query named using one of the non-nameserver IPs
- and it works fine! For instance:

    nslookup x.x.x.29 y.y.y.114
    Server: y.y.y.114
    Address: y.y.y.114#53
    29.x.x.x.in-addr.arpa name = foo.bar.net.

The problem is that the UDP receive queue is flooded for the two IPs
that correspond to the two nameservers on this box. I.e.

    ns2.mydomain.net = y.y.y.115

    nslookup x.x.x.29 y.y.y.115
    ;; connection timed out; no servers could be reached

but since y.y.y.112/29 is on this box, you can query:

    nslookup x.x.x.29 y.y.y.116
    Server: y.y.y.116
    Address: y.y.y.116#53
    29.x.x.x.in-addr.arpa name = foo-bar.net.

    [cololine at ns3 ~]$ nslookup x.x.x.29 y.y.y.117
    Server: y.y.y.117
    Address: y.y.y.117#53
    29.x.x.x.in-addr.arpa name = foo.bar.net.

...etc.

What I need, hope for, want, is someone to tell me how to fix up named
and/or UDP on this box so it can keep up with requests that are
happening on the nameserver IPs, as clearly the server can do what it
needs to do if I can get past this brokenness.
Thanks,
Ed
On 11/10/2012 3:46 PM, Alan Clegg wrote:
>
> On Nov 10, 2012, at 1:39 PM, Ed LaFrance <edl at connexinternet.com> wrote:
>
>> When I check the router above this server I'll see 200 - 500 legitimate connections to this server at any given time.
>
> Having sent my snarky "update" e-mail, I now ask... you say later in the mail that you are doing about 20 queries per second (which I agree should be handled by any hardware with more oomph than a Z-80).
>
> I'm curious as to what these "200-500 legitimate connections" are. Are they TCP? If so, are you seeing lots of TCP connections hanging around? Do you have some firewall in the midst of this that might be messing around with TCP connections?
>
> If you do a "rndc recursing", what do you get?
>
> If you are only doing 20-30 transactions per second, the stats on the UDP counts would have taken a long time to get there... something doesn't add up.
>
> AlanC
--
(800) 362-7579 ext 1
+-------------------------------------------------------+
+ Colocation Dedicated Servers IPv4 & IPv6 Transit +
+-------------------------------------------------------+
Connex Internet Services, Inc. direct: (916) 265-1568
11230 Gold Express Dr #310-313 fax: (916) 880-5663
Gold River, CA 95670 http://connexinternet.com
+-------------------------------------------------------+
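
The per-address symptom described in the message above (queries time out on the nameserver IPs while other IPs on the same box answer) can be confirmed by reading the receive-queue depth and drop counter of each port 53 UDP socket. The following is an added example, not part of the original message or of BIND; it assumes a little-endian Linux host exposing `/proc/net/udp`, uses 192.0.2.114-116 as constructed stand-ins for the masked addresses, and the `backlogged` threshold is a hypothetical value.

```python
import socket
import struct

# Constructed sample in Linux /proc/net/udp layout. 192.0.2.114-116 stand in
# for the masked y.y.y.114-116 addresses; every value here is made up.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  10: 720200C0:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000    25        0 11001 2 0000000000000000 0
  11: 730200C0:0035 00000000:0000 07 00000000:0001FE00 00:00000000 00000000    25        0 11002 2 0000000000000000 48211
  12: 740200C0:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000    25        0 11003 2 0000000000000000 0
  13: 00000000:007B 00000000:0000 07 00000000:00000400 00:00000000 00000000    38        0 11004 2 0000000000000000 0
"""


def parse_udp_table(text, port=53):
    """Return one dict per IPv4 UDP socket bound to `port`."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 12:
            continue
        addr_hex, port_hex = f[1].split(":")
        if int(port_hex, 16) != port:
            continue
        # Address is a host-order hex word; "<I" assumes a little-endian host (x86).
        addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        rx_queue = int(f[4].split(":")[1], 16)  # bytes waiting in the receive buffer
        drops = int(f[12]) if len(f) > 12 else 0  # column absent on older kernels
        rows.append({"addr": addr, "rx_queue": rx_queue, "drops": drops})
    return rows


def backlogged(rows, min_bytes=65536):
    """Addresses whose receive queue is at or above min_bytes (hypothetical threshold)."""
    return [r["addr"] for r in rows if r["rx_queue"] >= min_bytes]


if __name__ == "__main__":
    try:
        with open("/proc/net/udp") as fh:       # live table on a Linux host
            table = fh.read()
    except OSError:
        table = SAMPLE                          # fall back to the constructed sample
    for r in parse_udp_table(table):
        print(f"{r['addr']:<16} rx_queue={r['rx_queue']:>8} drops={r['drops']}")
    print("backlogged:", backlogged(parse_udp_table(table)))
```

A socket whose `rx_queue` stays near its buffer limit while `drops` keeps climbing is one the daemon is not draining fast enough; sockets on the other addresses reading zero match the behaviour shown in the nslookup output.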