Bind bind high recv-q
Cathy Almond
cathya at isc.org
Fri Dec 4 22:13:24 UTC 2015
On 04/12/2015 12:34, Tony Finch wrote:
> Søren Andersen <SOAN at stofa.dk> wrote:
>>
>> I'm experiencing some strange problems with my bind installation. - I
>> notice my bind recv-q is quite high sometimes.. therefore my DNS clients
>> can experience DNS lookup to take 1-4 secs. My bind is running on a 4
>> core vm I VMware with 8Gb ram. - At peak I receive app. 700-800 QPS. -
>> The load is 20-40% on each CPU core. - I've also configured 2 RPZ zones.
>
> Is your server an open resolver being used as part of a DDoS attack?
>
> Do you have compromised client machines running malware that hammers your
> server?
>
> Find out where the queries are coming from using netflow or tcpdump or
> query logging.
>
> Tony.
Also, if your server is not well-connected (if you have slow or
intermittent packet drops) between your server and the Internet, then
you might be affected by a defect in the prefetch implementation that
can impact performance for some server environments.
See https://kb.isc.org/article/AA-01315 and see if disabling prefetch
helps in your environment.
(The problem that this article talks about will be fixed in 9.10.4).
More information about the bind-users
mailing list