At Wed, 17 Sep 2008 18:12:51 +0800, "BroBind BroBind" <[EMAIL PROTECTED]> wrote:
> We upgraded our Caching-Publishing DNS servers from bind-9.2 to > bind-9.4.2-P2 at our 4 IBM x346 2 Core CPU 2.80GHz RHEL4-U3 x86_64 and > 16GB Mem. But we had experienced problems w/ it with too many open files > problem. We resolved it by increasing the FD_SETSIZE at > /usr/include/bits/typesizes.h and defining the > STD_CDEFINES="-DISC_SOCKET_FDSETSIZE=4096" during compilation. Here's our > configure options: > > STD_CDEFINES="-DISC_SOCKET_FDSETSIZE=4096" ./configure > --prefix=/var/bind/v9.4.2-P2 > --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu > --target=x86_64-redhat-linux-gnu \ > --with-libtool --enable-threads --enable-ipv6 --with-pic --with-openssl=yes > --enable-largefile \ > --disable-openssl-version-check > > Using iptraf, we're having total rates of around 20Mbps of traffic per > server. named.stats.txt showed that failure is very high and recursions > compare w/ success. CPU utilization averages at 40-60 per server and memory > rise to 20 to 50 % Utilization. We've seen many SERVFAIL from our tcpdumps > going to legitimate domains and about 3-5 times dig to a domain before the > queries became sucessful. Please provide some more information: - OS kernel version - you named configuration (named.conf) - initial log messages when you start named with the same command-line options plus '-g' - number of sockets named actually opens when you see the many SERVFAILs (use lsof for example to see this) --- JINMEI, Tatuya Internet Systems Consortium, Inc.
