Just so you couldn't say that no one answered you, I came up with a few
diagnostic questions/things you might want to try:
1. Can you perform DNS lookups on the web server?
2. Does anything show up in the httpd log files?
3. How about the DNS server log files?
4. Does it leave one "connection" for each DNS lookup or is it more
sporadic?
5. If you run nslookup from the web/mail server (pointed at one DNS or
the other), does it leave open udp "connections" also?
6. Were the xinetd connections also DNS UDP connections?
7. Is it just DNS, or something broader affecting all UDP?
8. What's the deal?
- Bob Glover
>On Mon, 13 Nov 2000, Joshua Hirsh wrote:
> Hey Folks,
>
> I have two RedHat 7.0 boxes running with the 2.2.16 SMP kernel and
> all the latest patches and upgrades. The other day the main webserver
> ran out of file descriptors for an unknown reason at the time, after I
> restarted the services everthing was fine again.
>
> Today I found the reason for the problem. It appears as if the
> processes on the machines are retaining their connections to the DNS
> servers, thus using up file descriptors for the connections.
>
> When I took a look this morning, the count was up to roughly 2500 UDP
> sockets to the primary and secondary DNS servers being listed in
> netstat as being connected.
>
> I verified the owning process using fuser and found that the majority
> of them were owned by the apache server and another handful by xinetd.
>
> I'm experiencing this on both servers, which both run under the same
> environment except that one is primarily used as a mail server and the
> other a web server.
>
> Environment:
> Linux web 2.2.16-22smp #3 SMP Fri Nov 3 22:08:03 EST 2000 i686 unknown
> glibc-2.1.94-3
> apache compiled with egcs-2.91.66
>
>
> Visual of the problem:
>
> # netstat -an | grep '.53' | grep udp
> udp 0 0 web:3129 207.61.147.10:53 ESTABLISHED
> udp 0 0 web:3128 207.61.147.20:53 ESTABLISHED
> udp 0 0 web:3127 207.61.147.10:53 ESTABLISHED
> udp 0 0 web:3126 207.61.147.20:53 ESTABLISHED
> udp 0 0 web:3125 207.61.147.10:53 ESTABLISHED
> udp 0 0 web:3124 207.61.147.20:53 ESTABLISHED
> <snip>
>
> # fuser -n udp 3124
> 3124/udp: 2360
>
> # ps ax | grep 2360
> 2360 ? S 0:00 /usr/local/httpd/bin/httpd
>
> # netstat -an | grep '.53' | grep udp | wc -l
> 162
>
>
> Another odd little twist is that the connections are only visible on
> these machines and not on the DNS servers...
>
>
> Has anyone else experienced this kind of activity?
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
