Need to improve named performance

Ed LaFrance edl at connexinternet.com
Mon Nov 12 15:23:27 UTC 2012


Hello Florian -

You are my hero and new best friend. I stopped syslog:

[root at ns1 lisinc]# /sbin/service syslog stop
Shutting down kernel logger:                               [  OK  ]
Shutting down system logger:                               [  OK  ]

...and all the problems cleared up instantly, so you called it correctly.

I had noticed in /var/log/messages that basically every query was being 
logged:

Nov 12 06:23:54 ns1 named[8349]: client 64.12.139.83#37778: query: 
219.161.72.64.in-addr.arpa IN ANY -E
Nov 12 06:23:54 ns1 named[8349]: client 208.69.32.21#17245: query: 
129.160.72.64.in-addr.arpa IN PTR -
Nov 12 06:23:54 ns1 named[8349]: client 64.12.139.81#31273: query: 
211.21.140.204.in-addr.arpa IN PTR -E
Nov 12 06:23:54 ns1 named[8349]: client 74.125.18.212#62466: query: 
217.94.119.199.in-addr.arpa IN PTR -

I've been corresponding with several people on this issue but no one had 
questioned that when I pointed it out.

I really don't need this kind of logging in the messages log. I can turn 
on query logging in the named.conf if I need more detail on named. I 
think the simplest thing would just be to have an exclusion in the 
syslog config for named. I confess some general ignorance, so perhaps 
you know the directive for that?

Thanks again!

Ed

On 11/11/2012 10:56 PM, Florian Weimer wrote:
> * Ed LaFrance:
>
>> Thanks for chiming in. Named is PID 8349 in my case. Here's a snippet
>> of the output from strace:
>
>> [pid  8351] send(3, "<30>Nov 11 13:07:25 named[8349]:"..., 107,
>> MSG_NOSIGNAL) = 107<0.015232>
>
>> [pid  8353] send(3, "<30>Nov 11 13:07:25 named[8349]:"..., 103,
>
>> [pid  8353]<... send resumed>  )        = 103<0.015034>
>
> This look like syslog logging is the culprit, each syslog message
> takes 15ms to complete.
>
> There could be several causes: syslogd is logging synchronously to
> disk (doing an fsync after each message), something else in the system
> is producing an extremely large number of messages (syslogd is
> single-threaded), or there is a request loop where writing out the
> syslog message for each reverse DNS request requires itself a reverse
> DNS lookup.
>
> You should also check if named is expected to log this many messages
> in the first place.  You can pass "-s 200" to strace to see more of
> the logging message, so this should help to identify what's going on.
>
> I don't think this has got anything to do with the particular BIND
> version you use.
>

-- 
(800) 362-7579 ext 1

+-------------------------------------------------------+
+ Colocation    Dedicated Servers   IPv4 & IPv6 Transit +
+-------------------------------------------------------+
Connex Internet Services, Inc.     direct: (916) 265-1568
11230 Gold Express Dr #310-313        fax: (916) 880-5663
Gold River, CA 95670            http://connexinternet.com
+-------------------------------------------------------+



More information about the bind-users mailing list