At Fri, 26 Sep 2008 14:01:18 +0200, Bart Van den Broeck <[EMAIL PROTECTED]> wrote:
> > Hi, I have compiled and used 9.5 on several Linuxplatforms but we have to > > restart the bind-process every day since it stop ansver for some domains > > after some time. > > The DNS is recursive and the domain it stop answer for is always .se > > domains. Is there any DNSSEC issue in 9.5 that is broken maybe? The zones > > it dont answer for isn't signed by .SE but? When the server stop answer > > correct it look up other zones correct and after a restart it works ok > > again. > Short answer: yes, probably. We definitely need more details about the problem (for example, I don't understand what exactly 'it stop answer' means), but my gut feeling from the above short description is this is a different issue than this one: http://marc.info/?l=bind-users&m=122239920822324&w=2 > Until the problematic code is fixed in BIND 9.5 we've downgraded to 9.4. It > hasn't been running long enough to be completely sure the problem has gone > away > though, but we're hopeful :-) It's your call, of course, and if you don't see any problem in 9.4 and don't need a new feature of 9.5, I'd also recommend the former. 9.5 is still pretty new and may be less stable. Having said that, I'd like to point out that if one likely cause of your problem is the use of the default max-cache-size (32MB for 9.5). It's way too conservative for a moderately busy server. Most administrators operating a modern server machine with a sufficient amount of memory would like to specify a much larger value anyway (for efficient caching), and then this particular problem will also be greatly mitigated if not solved. --- JINMEI, Tatuya Internet Systems Consortium, Inc.
