Date:      Wed, 30 Aug 2006 14:04:10 -0400 (EDT)
From:      John Von Essen <john@essenz.com>
To:        freebsd-isp@freebsd.org
Subject:   Question about a high load BIND server setup...
Message-ID:  <20060830135428.U95055@beck.quonix.net>
In-Reply-To: <mailman.11210.1156956840.654.freebsd-isp@freebsd.org>
References:  <mailman.11210.1156956840.654.freebsd-isp@freebsd.org>

I currently have a FreeBSD 6-STABLE (a few months old) machine running 
bind 9.3.2. It is a caching only name server for a large base of internet 
T1 customers (like 5000 customers).

I just upgraded to 9.3.2 today. I have been having memory issues. For
starters, when the named pid grows res mem to around 500m it craps out and
stops resolving. The tentative fix was to restart bind every night at 2am.

However, today, the res mem grew from 25m at startup to 500m in about 4
hours. Quicker than usual, so I thought maybe there was a memory leak,
and that's why I upgraded to the latest version of bind.


I need some pointers. I know a lot of people don't recommend bind for
large caching environments, but right now we can't easily change the
setup. So I am trying to stabilize things as-is. The server used to be
Redhat linux; it just recently moved to FreeBSD 6.

My sysctl kernel params are standard, somaxconn was bumped up to 512. I
was also thinking about enabling kern.ipc.shm_use_phys. Do you think that
will help? The TUNING man page says it improves memory performance for pids
that use a lot of memory.

During peak, the server is pushing around 1.6Mbps of pure DNS traffic.

Here is my named.conf options:

         directory               "/etc/namedb";
         pid-file                "/var/run/named/pid";
         dump-file               "/var/dump/named_dump.db";
         statistics-file         "/var/stats/named.stats";
         listen-on               { 127.0.0.1; 209.50.171.81; };
         recursive-clients       10000;
         auth-nxdomain           no;
         tcp-clients             10000;
         max-cache-size          400000000;

Any ideas?

Would something like djbdns really help? I can switch, but can't do it for 
at least a week while we wait for new hardware.

Thanks
John
