bind-users Digest, Vol 1361, Issue 2

Ed LaFrance edl at connexinternet.com
Sun Nov 11 22:17:06 UTC 2012


Did not get your post for some reason. I am running IP tables with a 
simple firewall setup. No idea on ip_conntrack. How do I check and if 
so, what setting should I try and how do I do it?

Thanks!
Ed

> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 11 Nov 2012 12:41:53 +0000 (GMT)
> From: "G.W. Haywood"<bind at jubileegroup.co.uk>
> To:bind-users at lists.isc.org
> Subject: Re: Need to improve named performance
> Message-ID:
> 	<Pine.LNX.4.64.1211111236160.19338 at mail5.jubileegroup.co.uk>
> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
>
> Hi there,
>
> On Sun, 11 Nov 2012, Ed LaFrance wrote:
>
>> >  Running BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 ...
> Somebody already said upgrade.  Generally that's the first thing to do
> in a case like this (before asking on mailing lists:).
>
>> >  The issue is that named is not keeping up with rdns requests. The
>> >  nameserver is only doing rdns, and it's the only public process on the
>> >  server (no webhosting, monitoring, etc).
>> >
>> >  When I check the router above this server I'll see 200 - 500 legitimate
>> >  connections to this server at any given time. ...
> I'm not convinced that BIND is the problem.  What does 'top' tell you?
>
> Are you running netfilter/iptables on the box?  Might be ip_conntrack.
> I once had an issue with a lot of dropped TCP connections, each of
> which was hanging around for five days (the default).  They filled the
> connection tracking table.  The default is too long, ridiculously so.
> After I reduced it to something more reasonable the problem went away.
>
> --
>
> 73,
> Ged.
>

-- 
(800) 362-7579 ext 1

+-------------------------------------------------------+
+ Colocation    Dedicated Servers   IPv4 & IPv6 Transit +
+-------------------------------------------------------+
Connex Internet Services, Inc.     direct: (916) 265-1568
11230 Gold Express Dr #310-313        fax: (916) 880-5663
Gold River, CA 95670            http://connexinternet.com
+-------------------------------------------------------+



More information about the bind-users mailing list