SV: Bind bind high recv-q

Vinny_Abello at Vinny_Abello at
Tue Dec 8 14:24:46 UTC 2015

Assuming you have rndc configured properly for remote management of all these servers, it's simply:

rndc  -s server1 flush
rndc  -s server2 flush
rndc  -s server3 flush

etc... script however you'd like to achieve in your environment.


From: bind-users-bounces at [mailto:bind-users-bounces at] On Behalf Of Mohammed Shareef
Sent: Monday, December 07, 2015 4:42 AM
To: bind-users at
Subject: FW: SV: Bind bind high recv-q

Hi All,

I have 140 windows dns server on which we have install ISC bind services, I would like to know any script to flush the dns in all cache.

Thanks & Regards,

Mohammed Shareef

> From: SOAN at<mailto:SOAN at>
> To: dot at<mailto:dot at>
> Subject: SV: Bind bind high recv-q
> Date: Sun, 6 Dec 2015 19:58:38 +0000
> CC: bind-users at<mailto:bind-users at>
> Hi Tony,
> Nope, my server is not an open resolver, but a lot of clients are using it :) - Actually one of my customers had a broken netgear device that was making 1000 qps for Probably some kind of software bug.
> I can recommend dnstop to find "bad dns clients" - But dnstop also showed me I'm getting 5-7K qps, and not 700-800 as collectd showed me.
> Do you think this is too much for a VM? - My VM is only loaded 50% on each core.
>  /Søren
> -----Oprindelig meddelelse-----
> Fra: Tony Finch [mailto:fanf2 at] På vegne af Tony Finch
> Sendt: 4. december 2015 13:34
> Til: Søren Andersen <SOAN at<mailto:SOAN at>>
> Cc: bind-users at<mailto:bind-users at>
> Emne: Re: Bind bind high recv-q
> Søren Andersen <SOAN at<mailto:SOAN at>> wrote:
> >
> > I'm experiencing some strange problems with my bind installation. - I
> > notice my bind recv-q is quite high sometimes.. therefore my DNS
> > clients can experience DNS lookup to take 1-4 secs. My bind is running
> > on a 4 core vm I VMware with 8Gb ram. - At peak I receive app. 700-800
> > QPS. - The load is 20-40% on each CPU core. - I've also configured 2 RPZ zones.
> Is your server an open resolver being used as part of a DDoS attack?
> Do you have compromised client machines running malware that hammers your server?
> Find out where the queries are coming from using netflow or tcpdump or query logging.
> Tony.
> --
> f.anthony.n.finch <dot at<mailto:dot at>> Southeast Iceland: Southeasterly 6 to gale 8, becoming cyclonic 7 to severe gale 9, then veering westerly gale 8 to storm 10, perhaps violent storm 11 later. High or very high later. Wintry showers. Moderate or poor, occasionally very poor.
> _______________________________________________
> Please visit to unsubscribe from this list
> bind-users mailing list
> bind-users at<mailto:bind-users at>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the bind-users mailing list