Re: DNS Capacity issue help -- Recursive Query -- it seems some packets are dropped by DNS
Hello Michael, take care to increase the tcpdump buffers. Else it's tcpdump which loose trafic, not the dns server Have Fun. Greetings Martin.Wismer. tcpdump option -B 131072 helped in my case PS) this time with my other E-Mail Address On 10.04.18 02:37, PENG, JUNAN wrote: Hi, All I did recursive query capacity test. I used traffic generator to place 15K QPS traffic to DNS 1 with FQDN1 (Note, FQDN1 can't be resolve by DNS1, it need to forward it to DNS2 and TTL is set to 0) But during the test , I found lots of failure , the successful rate is not high (85%). Then I used TCPdump commands to capture logs in DNS1 , I found the following things: Thing 1. DNS query number is larger than response number between traffic generator and DNS1 . About 15% traffic are dropped by DNS1 . Thing 2. DNS recursive query number between DNS1 and DNS2 is far less than query number between traffic generator and DNS1 I want to confirm DNS behavior here: DNS1 will initiate a recursive query towards DNS2 when first query is coming . transaction time between DNS1 and DNS2 is about 3 miliseconds. If in these 3 miliseconds, there are other queries with same FQDN are coming, whether all these queries will be lined up in DNS1 because DNS1 has initiated the same FQDN resolve request to DNS2 ? if yes, which will explain thing 2 I observed during the test.After DNS1 gets response from DNS2, then DNS1 will send response to the all the requests from traffic generator lined up in DNS1 , but unfortunately , DNS1 seems drop some packets here. There are 15% packet without response . Besides, CPU usage is not high in DNS1 , only 30% Is my understanding correct ? Which parameters in DNS will impact the performance significantly ? How to do further troubleshooting ? Thank you very much!! BR Michael ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
bind 9.8.0 with openssl 1.0.0d in chroot Bug
Hello together, I'm try to use bind 9.8.0 with openssl 1.0.0d under chroot. Unfortunably I see, wehen I start named/bind: named[13260]: [ID 873579 daemon.crit] initializing DST: openssl failure This bind is compiled: named[13260]: [ID 873579 daemon.notice] starting BIND 9.8.0-P2 -c /etc/bind/named.conf -u dnsrun -t /opt/chroot/bind named[13260]: [ID 873579 daemon.notice] built with '--withopenssl=yes' '--enable-largefile' '--sysconfdir=/usr/local/etc' '--localstatedir=/usr/local/var' 'CC=gcc' 'CFLAGS=-O2 -L/usr/local/lib -R/usr/local/lib -L/usr/local/ssl/lib -R/usr/local/ssl/lib -L/usr/openwin/lib -R/usr/openwin/lib -I/usr/local/rrdtool-1.2.19/include -I/usr/local/BerkeleyDB.4.7/include -I/usr/local/include/cairo' 'LDFLAGS=-L/usr/local/lib -R/usr/local/lib -R/usr/lib -L/usr/lib -R/usr/openwin/lib -L/usr/openwin/lib -L/usr/local/ssl/lib -R/usr/local/ssl/lib -L/usr/X11R6/lib -R/usr/X11R6/lib -L/usr/local/BerkeleyDB.4.7/lib -R/usr/local/BerkeleyDB.4.7/lib' 'CPPFLAGS=-I/usr/local/include -I/usr/local/ssl/include -I/usr/local/include/ncurses -I/usr/openwin/include -I/usr/local/rrdtool-1.2.19/include -I/usr/local/BerkeleyDB.4.7/include -I/usr/local/include/lzo' 'CXX=g++' 'CXXFLAGS=-fpermissive -felide-constructors' Does anybody solve this issue? Till now I only found this Phenomena under different OS but no working solution [Except: use old bind 9.7.3 / no chroot / copy everything in chroot ] Thank's for your Help. Greetings Martin PS) specially SUN Solaris 10 with SUN-Freeware Packages. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Solaris 10 - Running bind9 within a zone/container
Hello On 09.02.10 14:20, J.D. Bronson wrote: I am trying to run bind9 chrooted within a Solaris zone (Container) and I cant get the dev tree to work. I cannot use mknod in a container and trying to symlink it also results in failure. I can run named just fine in the 'global' solaris zone but not a separate container zone. anyone have this working and could offer some assistance? It depend which CPU Architecture you have. sparc and intel (amd) in the Example: The Character Device in the globale / root Zone , the node number's, should be the same on a sparc (in the globale Zone): ls -ldnL /dev/poll /dev/random /dev/urandom crw-rw-rw- 1 0 3 138, 0 Feb 9 13:52 /dev/poll crw-r--r-- 1 0 3 190, 0 Jan 13 06:17 /dev/random crw-r--r-- 1 0 3 190, 1 Jan 13 06:02 /dev/urandom -- and so I did the Devices in the globale Zone for the Solaris-Zone dns1 mknod opt/chroot/bind/dev/poll c 138 0 so it look's like: ls -ldn /opt/zones/dns1zone/root/opt/chroot/bind/dev/* crw-rw-r-- 1 0 0 21, 0 Jun 9 2008 /opt/zones/dns1zone/root/opt/chroot/bind/dev/conslog crw-rw-r-- 1 0 0 13, 2 Jun 9 2008 /opt/zones/dns1zone/root/opt/chroot/bind/dev/null crw-rw-r-- 1 0 0 138, 0 Mar 29 2009 /opt/zones/dns1zone/root/opt/chroot/bind/dev/poll crw-rw-r-- 1 0 0 190, 0 Jun 9 2008 /opt/zones/dns1zone/root/opt/chroot/bind/dev/random crw-rw-r-- 1 0 0 42, 0 Jun 9 2008 /opt/zones/dns1zone/root/opt/chroot/bind/dev/tcp crw-rw-r-- 1 0 0 41, 0 Jun 9 2008 /opt/zones/dns1zone/root/opt/chroot/bind/dev/udp crw-rw-r-- 1 0 0 190, 1 Jun 9 2008 /opt/zones/dns1zone/root/opt/chroot/bind/dev/urandom The same thing with little difference on a amd / x86: ls -ldnL /dev/poll /dev/random /dev/urandom crw-rw-rw- 1 0 3 135, 0 Jan 2 17:29 /dev/poll crw-r--r-- 1 0 3 149, 0 Jan 3 02:10 /dev/random crw-r--r-- 1 0 3 149, 1 Jan 2 17:28 /dev/urandom -- and so I did the Devices in the globale Zone for the solaris-Zone cns mknod opt/chroot/bind/dev/poll c 135 0 ls -ldn /opt/zones/cnszone/root/opt/chroot/bind/dev/* crw-r--r-- 1 0 0 21, 0 Dec 20 2002 /opt/zones/cnszone/root/opt/chroot/bind/dev/conslog crw-r--r-- 1 0 0 13, 2 Dec 18 2002 /opt/zones/cnszone/root/opt/chroot/bind/dev/null crw-rw-r-- 1 0 0 135, 0 Jun 26 2009 /opt/zones/cnszone/root/opt/chroot/bind/dev/poll crw-r--r-- 1 0 0 190, 0 Dec 18 2002 /opt/zones/cnszone/root/opt/chroot/bind/dev/random crw-r--r-- 1 0 0 42, 0 Dec 18 2002 /opt/zones/cnszone/root/opt/chroot/bind/dev/tcp crw-r--r-- 1 0 0 41, 0 Dec 18 2002 /opt/zones/cnszone/root/opt/chroot/bind/dev/udp crw-r--r-- 1 0 0 190, 1 Dec 18 2002 /opt/zones/cnszone/root/opt/chroot/bind/dev/urandom I hope it help's. Have fun. Greetings from Switzerland Martin.Wismer. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Building 9.6.1-P2 on Solaris 10?
Hello Howard, hello Solaris Users, It's there : http://sunfreeware.com Many thank's to Steven M. Christensen Greetings Martin ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
