Date:      Tue, 22 Apr 2003 00:48:44 -0700 (PDT)
From:      Doug Barton <DougB@FreeBSD.org>
To:        Blake Swensen <blake@pyramus.com>
Cc:        FreeBSD ISP List <freebsd-isp@FreeBSD.ORG>
Subject:   Re: BIND and/or IPFW weirdness
Message-ID:  <20030422004227.O659@znfgre.tberna.bet>
In-Reply-To: <3EA45775.5060707@pyramus.com>
References:  <3EA45775.5060707@pyramus.com>

First, you should really buy, and read, "DNS and BIND, Fourth Edition." It
should help you get a better understanding of how the pieces fit together.

On Mon, 21 Apr 2003, Blake Swensen wrote:

> I have two systems (RELENG_4_3 vintage).

Well, you should definitely consider upgrading. A number of bugs have been
fixed since 4.3.

> Both are running BIND 8.4.3-REL

You have a time machine? :)  The current version is 8.3.4.

> and both are running IPFW. One is acting as master DNS and the
> other is acting as slave for IP4 zones

DNS zones have no notion of IPv4 or IPv6. The contents of the zones might,
but the zones themselves don't.

> (about 65 domain names) outside our firewall. I also have an internal
> DNS server resolving our private addresses.
>
> Last week the named on the slave server started to peg systat's pig load
> to about 88%.  After confirming that this wasn't a DOS attack with my
> ISP, I am still unable to get the DNS to calm down.... now the process
> load has extended to the master and systat is reporting about 90% load.
>
> Cannot determine why these systems are being hammered --

Have you turned on query logging? That should give you a pretty good idea.
Instructions for this are in the BIND docs. If you turn that on and don't
see actual queries, then it's time to tcpdump the traffic.

HTH,

Doug

-- 

    This .signature sanitized for your protection


