Solved: high CPU and 'top' shows named as the culprit
frnkblk at iname.com
Sat Jul 25 14:42:45 UTC 2015
For the benefit of the archives, I want to share what I found while
troubleshooting a high CPU issue on two of our servers running BIND. (We
happen to be running Debian Wheezy with a Debian patched version of BIND
While looking through some graphs I noticed that the CPU of two of our
servers was very high, and 'top' revealed that named was taking 60 to 70% of
Since we had enabled DNSsec earlier this week that was the item immediately
under suspicion, but the graphs showed this high CPU issue started on June
Using my google-fu I found lots of hits on the "managed-keys-directory"
ad), and while implementing those suggestion did resolve the warning I was
seeing the logs, the CPU remained high.
The next area focus was permissions, as I was getting this warning:
Jul 24 16:08:41 mail2 named: logging channel 'default_log'
file '/var/log/bind.log': permission denied
but logging was working correctly, and fixing the permission for that file,
and verifying it for the others, didn't reduce the CPU.
g and https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1086775 and
I got side-tracked with AppArmor for a while, but our Debian installation
doesn't have that, so it's a moot point.
Then I googled more specifically for 9.7.3 and high CPU, and came across a
thread that mentioned NTP
Curious, it was June 30, the day of the leapsecond, let me check ... sure
enough, the CPU jump exactly at 7 pm (I'm in U.S. Central).
Restarting NTP (and then named) did not resolve the issue, but executing
date -s "$(date -u)"
immediately resolved the issue, without needing to restart named.
More on this issue here:
More information about the bind-users