BIND and UDP tuning

Alex mysqlstudent at gmail.com
Sat Sep 29 19:40:44 UTC 2018


Hi,

> DOCSIS cable systems use an upstream request/grant system to avoid
> collisions (they act as a hub where only one cable modem in the node can
> transmit at the same time). This leads to low pps rates compared with
> ethernet. Even a 10M ethernet connection (1k-10k pps) will outperform a
> 1gig cable connection (a few hundred pps).
>
> Based on the info you've provided, I suspect that you may be running
> into this limit. As another poster suggested, you might consider moving
> your DNS server to a VPS hosted on an ethernet connection at a location
> more suited for DNS server operation or otherwise try to leverage your
> upstream provider's DNS or an outside DNS server.

I remember hearing this some time ago, and had even made mention very
early on that I questioned if it was the cable itself.

However, I've tried using Optonline's DNS and the "Name service error"
errors from postfix continued. Could it be affecting that traffic as
well, considering effectively the same UDP packets are being
transferred?

I also used socat to build an encrypted tunnel between this system
connected to the cable modem and our VPS system, and the SERVFAIL
messages stopped. However, there are still quite a few "Name service
error" errors from postfix.

I realize this is bind-users, not a postfix list, but any idea if
those errors could also be due to it being a cable circuit?

Sep 29 14:33:54 mail03 postfix/dnsblog[3290]: warning: dnsblog_query:
lookup error for DNS query 123.139.28.66.dnsbl.sorbs.net: Host or
domain name not found. Name service error for
name=123.139.28.66.dnsbl.sorbs.net type=A: Host not found, try again

I'd really be interested in people's input here.

Thanks,
Alex

