On 27.02.2014 09:59, Dmitry Rybin wrote:
Bind answers with Server failure. On high load (4 qps) all normal
client can get Servfail on good query. Or query can execute more 2-3
second.
I have an a mistake, 4'000 QPS.
___
Please visit https
Over 2 weeks ago begins flood. A lot of queries:
niqcs.www.84822258.com
vbhea.www.84822258.com
abpqeftuijklm.www.84822258.com
adcbefmzidmx.www.84822258.com
and many others.
Bind answers with Server failure. On high load (4 qps) all normal
client can get Servfail on good query. Or query can
24.08.2011 08:04, sky shade пишет:
Hello
I like to know if bind 9.8 have a limit of view?
There is any number or I can create something like 1 million views
without problems?
There is any performance implication in use to many views?
I use about 120 views. It accure 1,8gb of RAM in Idle. You
28.09.2010 10:46, JINMEI Tatuya / 神明達哉 пишет:
These logs are not (directly) related to file descriptors. They mean
epoll returned more socket events than the implementation normally
expects (which is 64). This is not necessarily an error because the
remaining events will be returned with the
This is not good idea to use statefull firewall on heavy loaded DNS
server. firewall becomes low place in the system.
As workaround you can use dns_flood_detector + simple script to insert
and remove IP's from firewall blocking table or chain.
27.10.2010 23:26, Sebastian Tymków пишет:
In
I've test next configuration, which improve recursion performance of
isc-bind frontend.
bind listen on only on external interface and forward all recursive
queries to 127.0.0.1
=== named.conf ===
listen-on { 1.1.1.1; };
forward only;
forwarders {
127.0.0.1;
};
===
05.04.2010 10:06, sasa sasa пишет:
Hello everyone,
Any one used any load balancer for DNSs? any recommendation? it's 2
caching-only DNSs, and I'd like to make a load balance between them
using software.
Simple - Linux, FreeBSD firewall as balancer :) (30k qps)
Can give you example
Hello bind gurus!
I need to change only one record in zone (not deligated to my server,
can't transfer it too)
RECORD.DOMAIN.NET IN A 192.168.1.1
to
RECORD.DOMAIN.NET IN CNAME RECORD.DOMAIN.ORG
Only one record! Is this possible via bind?
___
Matus UHLAR - fantomas wrote:
I need to change only one record in zone (not deligated to my server,
can't transfer it too)
RECORD.DOMAIN.NET IN A 192.168.1.1
to
RECORD.DOMAIN.NET IN CNAME RECORD.DOMAIN.ORG
Only one record! Is this possible via bind?
Not if ht domain is not yours.
You
Hi! RTFM :)
/etc/security/limits.conf
binduser softnofile 32384
binduser hardnofile 32384
change binduser - to you real BIND user.
john wrote:
Hi,
I'm seeing this quite frequently in syslog from bind:
Dec 7 11:00:00 ext named[26731]: isc_socket_create: fcntl/reserved:
Give me parabellum :)
This is not answer. I wont to disable Refused answers for not allowed
client in recursion.
Peter Andreev wrote:
Search in arm by keyword blackhole will save father of russian
democracy :-)
2009/12/3 Dmitry Rybin kirg...@corbina.net mailto:kirg...@corbina.net
Hello!
I can't find in docs how disable answer (Refused), if recursion for IP
is not allowed?
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
I found answer for my feature request - simple C proxer:
http://www.wolfermann.org/dnsproxy.html
It can forward queries to auth or recursion server. Based on client IPs.
FreeBSD port /usr/ports/dns/dnsproxy/
___
bind-users mailing list
ulimit?
万善义 wrote:
CentOS release 5.4 (Final) + BIND 9.6.1-P1
Intel(R) Xeon(R) CPU E5506 @ 2.13GHz
8G Memory
Load 500,000 domains, the loading process, the following error:
loading zone: creating database: out of memory
Kevin Darcy wrote:
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
___
So, you don't cache locally, you forward to another daemon that (in the
best case) answers from *its* cache.
How have you improved performance
Matus UHLAR - fantomas wrote:
Bind answer authoritative for all clients, and forward (if allowed)
recursive queries to recursive server.
why shouldn't it cache those responses?
Bind cache is slow. It allocate a lot of memory and make high CPU usage.
Hello everybody!
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
I don't see the point.
JINMEI Tatuya / 神明達哉 wrote:
Have anybody test option attach-cache? There is no documentation about
it. :(
Have you read the ARM? It may not be sufficient (while I personally
believe it's quite extensive), but at least there *is* documentation.
OK, Please explain what configuration
Hello!
Have anybody test option attach-cache? There is no documentation about
it. :(
I add attach-cache world (world - global view) and rndc reload failure:
Aug 13 16:59:49 kananga named-7[37361]: 13-Aug-2009 16:59:49.262
general: error: views view0 and view1 can't share the cache due to
ulimit -a ? Looks like as max open file descriptor limit exceeded.
On FreeBSD/Linux boxes I use MONIT (http://mmonit.com/monit/) то check
and restart bind.
BBB Kee wrote:
Hi,
We have a intel solaris 9 and bind9.5.1-P3 inside it. The named suddenly
stopped at this morning. Here is it
Hello.
powerdns-recursor - the best. :)) Over 20k req/sec - feel good.
As variant try to use small TTL like:
bind:
max-ncache-ttl 1;
max-cache-ttl 1;
powerdns-recursor
cache-ttl=1
default-ttl=1
Scott Haneda wrote:
Hello, this may not entirely be related to BIND/named, though I believe
it
JINMEI Tatuya / 神明達哉 wrote:
At Wed, 24 Jun 2009 10:13:51 +0400,
Dmitry Rybin kirg...@corbina.net wrote:
new experimental feature just for that purpose:
Is this feature going to be back ported to 9.4 and 9.5 releases as well?
For 9.5, yes. For 9.4, not according to the current plan.
named
JINMEI Tatuya / 神明達哉 wrote:
At Mon, 22 Jun 2009 13:30:42 +0400,
Dmitry Rybin kirg...@corbina.net wrote:
Please try 9.6.1b1, which we expect to be released next week. It has a
new experimental feature just for that purpose:
Is this feature going to be back ported to 9.4 and 9.5 releases
JINMEI Tatuya / 神明達哉 wrote:
At Fri, 13 Mar 2009 17:31:37 -0400,
R Dicaire kri...@gmail.com wrote:
Please try 9.6.1b1, which we expect to be released next week. It has a
new experimental feature just for that purpose:
Is this feature going to be back ported to 9.4 and 9.5 releases as well?
The Best - use carp (VRRP) protocol for it or nginx proxy server.
Or you can use dynamic update for zone:
ping -c 5 your.host || nsupdate ...
Mohammed Ejaz wrote:
Hi all,
Can it be possible through the bind, www records should work as
failover, I mean during the primary record
Matus UHLAR - fantomas wrote:
and let me know if it mitigates the problem?
On 29.01.09 22:50, Dmitry Rybin wrote:
Oh, great work. I'll try tomorrow.
Named with JINMEI Tatuy patch:
max-cache-size 800M;
Morning Statistic
version: 9.6.0-P1
CPUs found: 8
worker threads: 8
number of zones: 1040
JINMEI Tatuya / 神明達哉 wrote:
At Wed, 04 Feb 2009 11:23:19 +0300,
Dmitry Rybin kirg...@corbina.net wrote:
Named with JINMEI Tatuy patch:
max-cache-size 800M;
It's way too much, if this applies to all of the 50 views.
With you patch? Total memory on server 12Gb
Matus UHLAR - fantomas wrote:
On 04.02.09 11:23, Dmitry Rybin wrote:
It's impossible, :-( over 500'000 client use bind and we must use views
to split load on another services.
Named with JINMEI Tatuy patch:
max-cache-size 800M;
It's way too much, if this applies to all of the 50 views
В Пнд, 26/01/2009 в 16:16 -0800, JINMEI Tatuya / 神明達哉 пишет:
http://www.jinmei.org/patch/bind9-lrucache.diff
(should be cleanly applicable to 9.6).
and let me know if it mitigates the problem?
Oh, great work. I'll try tomorrow.
Other recommendations:
- I previously suggested using a
Matus UHLAR - fantomas wrote:
This is _NOT_ a problem of BIND. This is a problem of its admin who can't
read the docs and set up max-cache-size, which does exactly what is needed
in this case.
Hmm... And why bind allocate all system memory, if max-cache-size 16M?
And views... 50 views.
Hello!
How to disable cache in bind-9.6? ttl=0 - bad idea.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Matus UHLAR - fantomas wrote:
On 20.01.09 12:49, Dmitry Rybin wrote:
How to disable cache in bind-9.6? ttl=0 - bad idea.
if you know that setting TTL to 0 is a bad idea, why do yuo think that
disabling a cache in BIND is not a bad idea?
Because under high load cache grows to maximum
FreeBSD 7.1 i386, AMD64 - bind 9.5.1rc, 9.6.0rc works good.
On Fri, 2008-12-19 at 12:39 -0600, Jeremy C. Reed wrote:
Hi,
I am working on BIND documentation and want to make sure the lists of
operating systems used successfully with BIND are accurate.
If you are willing, please email me
JINMEI Tatuya / 神明達哉 wrote:
At Mon, 15 Dec 2008 09:53:23 +0300,
Dmitry Rybin rybi...@post.ru wrote:
Thank's to JINMEI Tatuya for support.
I have over 40 views, defined in named.conf, max-memory for cache -
32Mb. Named daemon allocate over 2 Gb per 24 hours of work.
Each view has
Thank's to JINMEI Tatuya for support.
I have over 40 views, defined in named.conf, max-memory for cache -
32Mb. Named daemon allocate over 2 Gb per 24 hours of work.
Have you any ideas how to limit memory usage?
Dmitry Rybin wrote:
max-cache-size 64M;
# /usr/bin/limits -v 1200M /usr/local/sbin
Thank's to JINMEI Tatuya for support.
I have over 40 views, defined in named.conf, max-memory for cache -
32Mb. Named daemon allocate over 2 Gb per 24 hours of work.
Have you any ideas how to limit memory usage?
Dmitry Rybin wrote:
max-cache-size 64M;
# /usr/bin/limits -v 1200M /usr/local/sbin
JINMEI Tatuya / 神明達哉 wrote:
At Thu, 11 Dec 2008 11:25:42 +0300,
Dmitry Rybin kirg...@corbina.net wrote:
OK. I just make bind from src with ./configure --enable-threads gcc
option -static.
file /usr/local/sbin/named-test
/usr/local/sbin/named-test: ELF 64-bit LSB executable, x86-64
in thread_start ()
#19 0x in ?? ()
Cannot access memory at address 0x7fbff000
At normal situation after startup memory usage over 700 MB.
-
JINMEI Tatuya / 神明達哉 wrote:
At Wed, 10 Dec 2008 15:50:22 +0300,
Dmitry Rybin [EMAIL PROTECTED] wrote:
JINMEI Tatuya / 神明達哉 wrote
,
Dmitry Rybin [EMAIL PROTECTED] wrote:
JINMEI Tatuya / 神明達哉 wrote:
At Tue, 09 Dec 2008 18:05:27 +0300,
Dmitry Rybin [EMAIL PROTECTED] wrote:
I test patch, add to bind95/Makefile
.if (${ARCH} == amd64)
ARCH= x86_64
.endif
Future versions of BIND9 will support amd64 in its configure
understanding, there should be no memory leak issue at all if you
disable threads..
this post has always been directed to the concern of FreeBSD + amd64 platform
+ FreeBSD port dns/bind95 (BIND 9.5.0-P2) + threading enabled
thanks!
--- On Wed, 12/10/08, Dmitry Rybin [EMAIL PROTECTED] wrote
JINMEI Tatuya / 神明達哉 wrote:
At Tue, 09 Dec 2008 18:05:27 +0300,
Dmitry Rybin [EMAIL PROTECTED] wrote:
I test patch, add to bind95/Makefile
.if (${ARCH} == amd64)
ARCH= x86_64
.endif
Future versions of BIND9 will support amd64 in its configure script to
workaround the FreeBSD
Hello!
I test patch, add to bind95/Makefile
.if (${ARCH} == amd64)
ARCH= x86_64
.endif
work/bind-9.5.0-P2/config.log
uname -m = amd64
/usr/bin/uname -p = amd64
Target: amd64-undermydesk-freebsd
Configured with: FreeBSD/amd64 system compiler
ISC_ARCH_DIR='x86_32'
43 matches
Mail list logo