delay between nsupdate and NOTIFY
cmusser at sonic.net
Fri Jun 5 02:31:48 UTC 2015
We are experiencing a delay of approximately 9 minutes between the time a zone is changed on our DNS master (via nsupdate) and the time at which the NOTIFY is sent to slaves. We've turned up logging on the master and some slaves, then watched for messages regarding a test zone. On the master, an update causes a log message indicating that the NOTIFY has been queued. Several minutes later, there are additional messages indicating that a NOTIFY has been sent and, on the slave, we see the corresponding NOTIFY receive log message, followed by the slave sending a transfer. After this, the slave has the updated zone data.
The master runs BIND 9.9.7 and is authoritative for ~70000 zones. There are approximately 20 slaves. On the master, "rndc status" reports the count "xfers deferred" is always near 300 and the count of "xfers running" is always 10. Given that, we suspected that a backlog of transfers was causing the delay, so we tried increasing the transfer-out from the default (10) to 75. That didn't increase the number of "xfers running", nor make the delay go away.
We don't know when the behavior started. The master server was upgraded from 9.7.3 to 9.9.7 a couple of weeks back, but no one noticed the delay until today. We didn't see anything obvious in the BIND change log regarding changes in this area.