Possible Memory Leak in bind9.3.0 with DNSSEC enabled

Bernhard Ager ager at in.tum.de
Thu Feb 24 14:02:43 UTC 2005


Hi,

I'm running a testbed with about 100.000 zones generated from
real-world data to test the performance of DNSSEC in comparison to DNS
performance. Software is bind 9.3.0 on Debian GNU/Linux.

Test scenario: 
- 1 resolver
- several name servers hosting the zones, all of which are signed
- one load generator querying the resolver

For this test, a set of 100.000 queries was chosen and repeatedly
replayed against a freshly started resolver using the 'dig' tool.
After each run, memory consumption was measured by reading field 23
(vsize) of /proc/<PID>/stat.

With pure DNS, memory consumption of the resolver stays pracitcally
the same after the first run. With DNSSEC however, memory consumption
increases as shown in the table below.

#runs | mem usage | delta
---------------------------
 1    | 101 MB    | +101 MB
 2    | 108 MB    |   +7 MB
 3    | 157 MB    |  +49 MB
 4    | 163 MB    |   +6 MB
 5    | 212 MB    |  +49 MB
 6    | 218 MB    |   +6 MB
 7    | 225 MB    |   +7 MB
 8    | 235 MB    |  +10 MB 
 9    | 280 MB    |  +45 MB
10    | 288 MB    |   +8 MB

This strongly indicates a memory leak in DNSSEC code. 


Cheers,
  Bernhard
-- 
Isn't making a smoking section in a restaurant like making a peeing
section in a swimming pool?


More information about the bind-workers mailing list