Need to improve named performance
bind at jubileegroup.co.uk
Sun Nov 11 12:41:53 UTC 2012
On Sun, 11 Nov 2012, Ed LaFrance wrote:
> Running BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 ...
Somebody already said upgrade. Generally that's the first thing to do
in a case like this (before asking on mailing lists:).
> The issue is that named is not keeping up with rdns requests. The
> nameserver is only doing rdns, and it's the only public process on the
> server (no webhosting, monitoring, etc).
> When I check the router above this server I'll see 200 - 500 legitimate
> connections to this server at any given time. ...
I'm not convinced that BIND is the problem. What does 'top' tell you?
Are you running netfilter/iptables on the box? Might be ip_conntrack.
I once had an issue with a lot of dropped TCP connections, each of
which was hanging around for five days (the default). They filled the
connection tracking table. The default is too long, ridiculously so.
After I reduced it to something more reasonable the problem went away.
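A way to check whether the connection tracking table is the bottleneck described in this message, as an added example that is not part of the original post. The function name `conntrack_check`, the 80% usage threshold and the one-day timeout ceiling are assumptions chosen for illustration; the sysctl file names are the kernel's own.

```shell
#!/bin/sh
# Added example (not from the original post): report conntrack table pressure.
# Looks for nf_conntrack_* (current kernels) or ip_conntrack_* (older kernels
# such as RHEL 5) under a sysctl root, which is a parameter so it can be tested.

conntrack_check() {
    root=${1:-/proc/sys}   # sysctl root
    warn_pct=${2:-80}      # assumed warning threshold for table usage
    max_est=${3:-86400}    # assumed ceiling for the established timeout (s)
    base=""
    for p in net/netfilter/nf_conntrack net/ipv4/netfilter/ip_conntrack; do
        if [ -r "$root/${p}_count" ]; then base="$root/$p"; break; fi
    done
    if [ -z "$base" ]; then
        echo "conntrack sysctls not found (module not loaded?)"
        return 2
    fi
    count=$(cat "${base}_count")
    max=$(cat "${base}_max")
    est=$(cat "${base}_tcp_timeout_established")
    pct=$((count * 100 / max))
    rc=0
    echo "entries: $count / $max (${pct}%)"
    if [ "$pct" -ge "$warn_pct" ]; then
        echo "WARN: table nearly full; new connections may be dropped"
        rc=1
    fi
    echo "tcp established timeout: ${est}s"
    if [ "$est" -gt "$max_est" ]; then
        echo "WARN: dead connections can hold entries for $((est / 86400)) day(s)"
        rc=1
    fi
    return $rc
}

# Demonstration on constructed values: a nearly full table with the
# five-day (432000 s) default described in the message.
demo=$(mktemp -d)
mkdir -p "$demo/net/netfilter"
echo 65000  > "$demo/net/netfilter/nf_conntrack_count"
echo 65536  > "$demo/net/netfilter/nf_conntrack_max"
echo 432000 > "$demo/net/netfilter/nf_conntrack_tcp_timeout_established"
conntrack_check "$demo" || true
rm -rf "$demo"
```

On a live server, call `conntrack_check` with no arguments to read `/proc/sys`; a return status of 1 means at least one warning fired, 2 means the conntrack sysctls are absent.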