Significant memory usage
Philip Prindeville
philipp_subx at redfish-solutions.com
Tue Jun 10 00:07:22 UTC 2025
I’ve been running for 12+ hours with a max-cache-size of 256M (since I’m on a machine with 2GB that does a lot of data reduction as it’s a honeypot firewall).
This is what I’ve collected.
+++ Statistics Dump +++ (1749514002)
++ Incoming Requests ++
203077 QUERY
12014 UPDATE
++ Incoming Queries ++
108935 A
2020 NS
24 CNAME
2290 SOA
1407 PTR
701 MX
18025 TXT
39666 AAAA
1462 SRV
1181 NAPTR
2 DNSKEY
5967 SVCB
21397 HTTPS
++ Outgoing Rcodes ++
152520 NOERROR
189 SERVFAIL
41017 NXDOMAIN
45 YXDOMAIN
11623 NOTAUTH
++ Outgoing Queries ++
[View: default]
92795 A
42799 NS
241 CNAME
1 SOA
357 PTR
332 MX
2529 TXT
29075 AAAA
248 SRV
236 NAPTR
8493 DS
1498 DNSKEY
13084 HTTPS
[View: _bind]
++ Name Server Statistics ++
215091 IPv4 requests received
72199 requests with EDNS(0) received
12276 requests with TSIG received
11623 requests with invalid signature
622 TCP requests received
2 TCP connection high-water
205394 responses sent
192 truncated responses sent
72199 responses with EDNS(0) sent
12276 responses with TSIG sent
130275 queries resulted in successful answer
9979 queries resulted in authoritative answer
183212 queries resulted in non authoritative answer
21899 queries resulted in nxrrset
189 queries resulted in SERVFAIL
41017 queries resulted in NXDOMAIN
105274 queries caused recursion
9693 duplicate queries received
4 queries dropped
346 updates completed
45 updates failed
45 updates rejected due to prerequisite failure
89 Recursive clients high-water
202597 UDP queries received
366 TCP queries received
2203 synthesized a NXDOMAIN response
107 synthesized a no-data response
1036 queries triggered prefetch
++ Zone Maintenance Statistics ++
2 IPv4 notifies sent
++ Resolver Statistics ++
[Common]
[View: default]
191688 IPv4 queries sent
190652 IPv4 responses received
33532 NXDOMAIN received
1 SERVFAIL received
6 FORMERR received
6 EDNS(0) query failures
149 truncated responses received
9 lame delegations received
51499 query retries
1040 query timeouts
8083 IPv4 NS address fetches
53 IPv4 NS address fetch failed
173129 DNSSEC validation attempted
97820 DNSSEC validation succeeded
75297 DNSSEC NX validation succeeded
12 DNSSEC validation failed
182275 queries with RTT 10-100ms
8354 queries with RTT 100-500ms
2 queries with RTT 500-800ms
1 queries with RTT 800-1600ms
2 queries with RTT > 1600ms
4 bucket size
149 REFUSED received
187740 COOKIE send with client cookie only
3942 COOKIE sent with client and server cookie
9016 COOKIE replies received
7837 COOKIE client ok
91 bad cookie rcode
4 spilled due to clients per query quota
18 waited for next item
1 priming queries
[View: _bind]
4 bucket size
++ Cache Statistics ++
[View: default]
1235195 cache hits
26 cache misses
309936 cache hits (from query)
152645 cache misses (from query)
0 cache records deleted due to memory exhaustion
95115 cache records deleted due to TTL expiration
90472 covering nsec returned
8227 cache database nodes
160 cache NSEC auxiliary database nodes
0 cache database hash buckets
4145226 cache tree memory in use
131296 cache heap memory in use
[View: _bind (Cache: _bind)]
0 cache hits
0 cache misses
0 cache hits (from query)
0 cache misses (from query)
0 cache records deleted due to memory exhaustion
0 cache records deleted due to TTL expiration
0 covering nsec returned
0 cache database nodes
0 cache NSEC auxiliary database nodes
0 cache database hash buckets
39370 cache tree memory in use
224 cache heap memory in use
++ Cache DB RRsets ++
[View: default]
5234 A
1856 NS
583 CNAME
56 SOA
66 PTR
19 MX
76 TXT
2362 AAAA
1 SRV
1 NAPTR
300 DS
1025 RRSIG
76 NSEC
143 DNSKEY
23 HTTPS
4 !A
105 !NS
8 !TXT
46 !AAAA
1 !NAPTR
166 !DS
50 !HTTPS
1 ~NS
2 ~RRSIG
2 ~NSEC
2 ~!NS
183 NXDOMAIN
[View: _bind (Cache: _bind)]
++ ADB stats ++
[View: default]
5274 Addresses in hash table
6668 Names in hash table
[View: _bind]
++ Socket I/O Statistics ++
191596 UDP/IPv4 sockets opened
169 TCP/IPv4 sockets opened
191580 UDP/IPv4 sockets closed
777 TCP/IPv4 sockets closed
41 UDP/IPv4 socket bind failures
43 UDP/IPv4 socket connect failures
1 TCP/IPv4 socket connect failures
191538 UDP/IPv4 connections established
150 TCP/IPv4 connections established
627 TCP/IPv4 connections accepted
39 UDP/IPv4 send errors
20 UDP/IPv4 sockets active
25 TCP/IPv4 sockets active
++ Per Zone Query Statistics ++
++ Per Zone Glue Cache Statistics ++
[redfish-solutions.com]
[168.192.in-addr.arpa]
[localhost]
[127.in-addr.arpa]
[0.in-addr.arpa]
[255.in-addr.arpa]
[tiktok.com]
[.]
[10.IN-ADDR.ARPA]
[16.172.IN-ADDR.ARPA]
[17.172.IN-ADDR.ARPA]
[18.172.IN-ADDR.ARPA]
[19.172.IN-ADDR.ARPA]
[20.172.IN-ADDR.ARPA]
[21.172.IN-ADDR.ARPA]
[22.172.IN-ADDR.ARPA]
[23.172.IN-ADDR.ARPA]
[24.172.IN-ADDR.ARPA]
[25.172.IN-ADDR.ARPA]
[26.172.IN-ADDR.ARPA]
[27.172.IN-ADDR.ARPA]
[28.172.IN-ADDR.ARPA]
[29.172.IN-ADDR.ARPA]
[30.172.IN-ADDR.ARPA]
[31.172.IN-ADDR.ARPA]
[64.100.IN-ADDR.ARPA]
[65.100.IN-ADDR.ARPA]
[66.100.IN-ADDR.ARPA]
[67.100.IN-ADDR.ARPA]
[68.100.IN-ADDR.ARPA]
[69.100.IN-ADDR.ARPA]
[70.100.IN-ADDR.ARPA]
[71.100.IN-ADDR.ARPA]
[72.100.IN-ADDR.ARPA]
[73.100.IN-ADDR.ARPA]
[74.100.IN-ADDR.ARPA]
[75.100.IN-ADDR.ARPA]
[76.100.IN-ADDR.ARPA]
[77.100.IN-ADDR.ARPA]
[78.100.IN-ADDR.ARPA]
[79.100.IN-ADDR.ARPA]
[80.100.IN-ADDR.ARPA]
[81.100.IN-ADDR.ARPA]
[82.100.IN-ADDR.ARPA]
[83.100.IN-ADDR.ARPA]
[84.100.IN-ADDR.ARPA]
[85.100.IN-ADDR.ARPA]
[86.100.IN-ADDR.ARPA]
[87.100.IN-ADDR.ARPA]
[88.100.IN-ADDR.ARPA]
[89.100.IN-ADDR.ARPA]
[90.100.IN-ADDR.ARPA]
[91.100.IN-ADDR.ARPA]
[92.100.IN-ADDR.ARPA]
[93.100.IN-ADDR.ARPA]
[94.100.IN-ADDR.ARPA]
[95.100.IN-ADDR.ARPA]
[96.100.IN-ADDR.ARPA]
[97.100.IN-ADDR.ARPA]
[98.100.IN-ADDR.ARPA]
[99.100.IN-ADDR.ARPA]
[100.100.IN-ADDR.ARPA]
[101.100.IN-ADDR.ARPA]
[102.100.IN-ADDR.ARPA]
[103.100.IN-ADDR.ARPA]
[104.100.IN-ADDR.ARPA]
[105.100.IN-ADDR.ARPA]
[106.100.IN-ADDR.ARPA]
[107.100.IN-ADDR.ARPA]
[108.100.IN-ADDR.ARPA]
[109.100.IN-ADDR.ARPA]
[110.100.IN-ADDR.ARPA]
[111.100.IN-ADDR.ARPA]
[112.100.IN-ADDR.ARPA]
[113.100.IN-ADDR.ARPA]
[114.100.IN-ADDR.ARPA]
[115.100.IN-ADDR.ARPA]
[116.100.IN-ADDR.ARPA]
[117.100.IN-ADDR.ARPA]
[118.100.IN-ADDR.ARPA]
[119.100.IN-ADDR.ARPA]
[120.100.IN-ADDR.ARPA]
[121.100.IN-ADDR.ARPA]
[122.100.IN-ADDR.ARPA]
[123.100.IN-ADDR.ARPA]
[124.100.IN-ADDR.ARPA]
[125.100.IN-ADDR.ARPA]
[126.100.IN-ADDR.ARPA]
[127.100.IN-ADDR.ARPA]
[254.169.IN-ADDR.ARPA]
[2.0.192.IN-ADDR.ARPA]
[100.51.198.IN-ADDR.ARPA]
[113.0.203.IN-ADDR.ARPA]
[255.255.255.255.IN-ADDR.ARPA]
[0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA]
[1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA]
[D.F.IP6.ARPA]
[8.E.F.IP6.ARPA]
[9.E.F.IP6.ARPA]
[A.E.F.IP6.ARPA]
[B.E.F.IP6.ARPA]
[8.B.D.0.1.0.0.2.IP6.ARPA]
[EMPTY.AS112.ARPA]
[HOME.ARPA]
[RESOLVER.ARPA]
[version.bind (view: _bind)]
[hostname.bind (view: _bind)]
[authors.bind (view: _bind)]
[id.server (view: _bind)]
--- Statistics Dump --- (1749514002)
> On Jun 8, 2025, at 10:17 PM, Ondřej Surý <ondrej at isc.org> wrote:
>
> Yes, there's no math involved, it just honors the limit.
>
> FTR you can also say:
>
> max-cache-size 2GB;
>
> You don't have to specify it to the last byte.
>
> Ondrej
> --
> Ondřej Surý (He/Him)
> ondrej at isc.org
>
> My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
>
>> On 9. 6. 2025, at 6:12, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>>
>> Odd. I tried:
>>
>> max-cache-size 1717986918;
>>
>> and restarted and I don’t see anything in the logs about it. But I did when I used a percentage.
>>
>>
>>
>>> On Jun 8, 2025, at 10:02 PM, Ondřej Surý <ondrej at isc.org> wrote:
>>>
>>> The 1.7GB is what the system is reporting. That’s why I asked as I’ve seen OpenWRT reporting weird or no values before.
>>>
>>> 171MB cache is little on a low side and negative effects from overmem LRU cleaning will going to hurt the performance.
>>>
>>> I would suggest to set a fixed size for the cache - 1.6GB-2GB should be more than enough for your purposes.
>>>
>>> Ondrej
>>> --
>>> Ondřej Surý — ISC (He/Him)
>>>
>>> My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
>>>
>>>> On 9. 6. 2025, at 5:45, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>>>>
>>>> Jun 8 21:34:08 OpenWrt named[8106]: /etc/bind/named.conf:42: 'max-cache-size 10%' - setting to 171MB (out of 1714MB)
>>>>
>>>> but no idea where the 1741MB that it is basing that off of is coming from.
>>>
>>
>
More information about the bind-users
mailing list