SV: Bind bind high recv-q
Vinny_Abello at Dell.com
Vinny_Abello at Dell.com
Tue Dec 8 14:24:46 UTC 2015
Assuming you have rndc configured properly for remote management of all these servers, it's simply:
rndc -s server1 flush
rndc -s server2 flush
rndc -s server3 flush
etc... script however you'd like to achieve in your environment.
-Vinny
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Mohammed Shareef
Sent: Monday, December 07, 2015 4:42 AM
To: bind-users at lists.isc.org
Subject: FW: SV: Bind bind high recv-q
Hi All,
I have 140 windows dns server on which we have install ISC bind services, I would like to know any script to flush the dns in all cache.
Thanks & Regards,
Mohammed Shareef
> From: SOAN at stofa.dk<mailto:SOAN at stofa.dk>
> To: dot at dotat.at<mailto:dot at dotat.at>
> Subject: SV: Bind bind high recv-q
> Date: Sun, 6 Dec 2015 19:58:38 +0000
> CC: bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
>
> Hi Tony,
>
> Nope, my server is not an open resolver, but a lot of clients are using it :) - Actually one of my customers had a broken netgear device that was making 1000 qps for time-g.netgear.com. Probably some kind of software bug.
>
> I can recommend dnstop to find "bad dns clients" - But dnstop also showed me I'm getting 5-7K qps, and not 700-800 as collectd showed me.
>
> Do you think this is too much for a VM? - My VM is only loaded 50% on each core.
>
> /Søren
>
> -----Oprindelig meddelelse-----
> Fra: Tony Finch [mailto:fanf2 at hermes.cam.ac.uk] På vegne af Tony Finch
> Sendt: 4. december 2015 13:34
> Til: Søren Andersen <SOAN at stofa.dk<mailto:SOAN at stofa.dk>>
> Cc: bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
> Emne: Re: Bind bind high recv-q
>
> Søren Andersen <SOAN at stofa.dk<mailto:SOAN at stofa.dk>> wrote:
> >
> > I'm experiencing some strange problems with my bind installation. - I
> > notice my bind recv-q is quite high sometimes.. therefore my DNS
> > clients can experience DNS lookup to take 1-4 secs. My bind is running
> > on a 4 core vm I VMware with 8Gb ram. - At peak I receive app. 700-800
> > QPS. - The load is 20-40% on each CPU core. - I've also configured 2 RPZ zones.
>
> Is your server an open resolver being used as part of a DDoS attack?
>
> Do you have compromised client machines running malware that hammers your server?
>
> Find out where the queries are coming from using netflow or tcpdump or query logging.
>
> Tony.
> --
> f.anthony.n.finch <dot at dotat.at<mailto:dot at dotat.at>> http://dotat.at/ Southeast Iceland: Southeasterly 6 to gale 8, becoming cyclonic 7 to severe gale 9, then veering westerly gale 8 to storm 10, perhaps violent storm 11 later. High or very high later. Wintry showers. Moderate or poor, occasionally very poor.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20151208/d031eddd/attachment.html>
More information about the bind-users
mailing list