From owner-freebsd-net@FreeBSD.ORG Mon Dec 15 13:19:13 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DBE2B16A4CE for ; Mon, 15 Dec 2003 13:19:13 -0800 (PST) Received: from dastardly.newsbastards.org.72.27.172.IN-addr.ARPA.NOSPAM.dyndns.dk (c-180-197-180.ka.dial.de.ignite.net [62.180.197.180]) by mx1.FreeBSD.org (Postfix) with ESMTP id B703043D2D for ; Mon, 15 Dec 2003 13:18:31 -0800 (PST) (envelope-from bounce@NOSPAM.dyndns.dk) Received: from NOSPAM.spam.NOSPAM.spam.NOSPAM.dyndns.dk (NOSPAM.spam.NOSPAM.spam.NOSPAM.dyndns.dk [2002:3eb4:c5b4:0:200:c0ff:fefc:19aa]) (8.11.6/8.11.6-SPAMMERS-DeLiGHt) with ESMTP id hBFLI7c10917 verified NO) for ; Mon, 15 Dec 2003 22:18:09 +0100 (CET) (envelope-from bounce@NOSPAM.dyndns.dk) Received: (from beer@localhost)hBFLHrT06410; Mon, 15 Dec 2003 22:17:53 +0100 (CET) (envelope-from bounce@NOSPAM.dyndns.dk) Date: Mon, 15 Dec 2003 22:17:53 +0100 (CET) Message-Id: <200312152117.hBFLHrT06410@NOSPAM.spam.NOSPAM.spam.NOSPAM.dyndns.dk> X-Authentication-Warning: NOSPAM.spam.NOSPAM.spam.NOSPAM.dyndns.dk: beer set sender to bounce@NOSPAM.dyndns.dk using -f From: Barry Bouwsma To: "%s" Subject: ENOBUFS and DNS... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Dec 2003 21:19:14 -0000 [Drop hostname part of IPv6-only address above to obtain IPv4-capable e-mail, or just drop me from the recipients and I'll catch up from the archives] Hello, "%s"! I've read in this list from a couple years ago, several discussions about ENOBUFS being returned to UDP-using applications. This is what I'm experiencing with BIND when I get hit with lots of queries over a slow link. I'm serving DNS info for my subdomain, with an off-site secondary. I'm on a dial-in now (no comments please); I don't ever remember seeing this with a cable modem connection (about 2-4x upstream speed than now, with downstream speed higher still). When I send a mail to the FreeBSD lists, shortly after, I get hit with lots of DNS queries to verify my address(es). My modem is saturated both down- and upstream for some minutes. For a minute or two, `named' spits out syslog messages about insufficient resources, as the replies it tries to make return ENOBUFS. If I were to tweak the sysctl net.inet.ip.intr_queue_maxlen from its default of 50 up, would that possibly help named? Or might that cause problems elsewhere? Or should I ignore this, or would the best possible solution be for me simply not to send any more mail to the lists? I can think of a few possibilties for this being made worse over my thin pipe. Comments about my thoughts below are welcome, to help me improve my understanding of things. I'm usually filling the downstream pipe even without the queries coming in (pay-per-minute so I'm trying to maximize use of pipe). This alone may worsen things, as incoming queries see a high latency, causing them to be repeated before a response is received, possibly causing other nameservers to initiate queries to me, resulting in many more queries coming in than if I returned answers promptly. The size of the outgoing responses is larger than the queries, so it takes more time to push out responses than it does for them to come in. These factors combined with the timeouts/retries that resolvers and nameservers have, mean that no matter what I do, things won't get a lot better for me. (As a note, when I sent mails over the cable modem, a different mailing list software was used by FreeBSD. Still, I'd see heaps of queries shortly after, just as now. This in the event the current software makes the deliveries faster at the same time, causing more simultaneous queries to me. Also, perhaps more sites are doing not only sender validation but also validation of the from address due to spam growth the last year.) I suspect that not all sites are able to successfuly query me, as after the initial couple minutes of ENOBUFS problems and as the incoming queries taper off, some time later I'll see a repeat of the ENOBUFS problem, as I'm assuming another round of attempts is made to dispose of the queue built up at freebsd.org. If I'm still online when that happens, to be queried, of course. I haven't looked to see whether BIND does anything special when an ENOBUFS pops up in order not to drop the response. Perhaps if it were to do so, queueing responses, things would only get worse as the backlog continues to increase, so by the time responses get sent, the requester has already given up (after sending a few more queries to increase the backlog further). Thus in such a case the better thing is to drop random responses in order to get fewer of them out in a more timely fashion. Or perhaps I shouldn't worry, trusting that the sites which fail to receive a response from me directly after a few tries might poke the offsite secondary nameserver, and that the error-recovery is handled by DNS, so I shouldn't do anything to UDP to try to help. Anyway, just for fun, I'm going to double the above sysctl value for this message and see how things change. Later I'll think about suspending my downloads to speed up incoming queries. Also, I just remembered that userland ppp allows me to prioritize certain traffic so I should try that too, though normally the downloads I do only snarf a few hundred bytes/sec from the outgoing pipe, so that might help little.... As noted, comments about my ideas are welcome. Thanks, Barry Bouwsma