Bind 9.21: no more recursive clients
Jeffery Jones
After upgrading to Bind 9.21, I got the "no more recursive clients:
quota reached" error. It never recovered by itself - after
restarting, everything was normal. It was as though something locked
the default 1000 simultaneous recursive requests and they never timed
out. I haven't looked at the source code to see how this is supposed
to be managed.
This one wasn't obvious from reading the bind8 to 9 migration notes.
In the meantime, I have bumped the recursive-clients limit to 5000.
I may increase the limit to 20,000 after I do a bit more research.
Configuration: caching nameserver with a forwarders statement.
Simon Waters
Jeffery Jones wrote:
>
> This one wasn't obvious from reading the bind8 to 9 migration notes.
I think the default limit is the same, but BIND 9 is
substantially slower on single CPU machines, so maybe that is
why you hit the limit?
> In the meantime, I have bumped the recursive-clients limit to 5000.
> I may increase the limit to 20,000 after I do a bit more research.
I think it was limited originally because it took a few bytes
per outstanding query, I guess it could lead to memory
exhaustion if the performance was poor or memory limited. Memory
probably isn't such an issue at a nickle per megabyte or
whatever we are at these days.
You might want to keep an eye on performance at peak load.
Sam Hayes Merritt, III
On Mon, 8 Jul 2002, Simon Waters wrote:
> I think the default limit is the same, but BIND 9 is
> substantially slower on single CPU machines, so maybe that is
> why you hit the limit?
?
Any performance stats to correlate this?
sam
Simon Waters
Only the stuff Rick Jones has posted previously, mostly for
authoritative servers. I don't think Nominum, or anyone else,
are disputing it. BIND 9 does more sanity tests so that must
cost something even if it was coded similarly to 8. The last
reports I saw suggested the gap was closing, but it was still
nearly a factor of 2.
Mark_A...@isc.org
>
> On Mon, 8 Jul 2002, Simon Waters wrote:
>
> > I think the default limit is the same, but BIND 9 is
> > substantially slower on single CPU machines, so maybe that is
> > why you hit the limit?
>
> ?
>
> Any performance stats to correlate this?
>
>
BIND 8 didn't have a formal limit but it can't support more than
2^16 outstanding queries as it will exhaust it's id space.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.A...@isc.org
Jeffery Jones
On 8 Jul 2002 13:13:46 -0700, Simon Waters
<Si...@wretched.demon.co.uk> wrote:
>> This one wasn't obvious from reading the bind8 to 9 migration notes.
>
>I think the default limit is the same, but BIND 9 is
>substantially slower on single CPU machines, so maybe that is
>why you hit the limit?
We never hit this limit with Bind 8 ... and I can't find an
option in Bind8 called recursive-clients. It may have been an
undocumented internal limit that we never hit.
The Bind 9.21 installation hit the limit after only 1.5 days of
operation during what should have been a relatively quiet time. I
have not yet ruled out the mail servers suddenly trying to reply to
bogus spammer addresses that take forever to resolve.
> Memory
>probably isn't such an issue at a nickle per megabyte or
>whatever we are at these days.
>
>You might want to keep an eye on performance at peak load.
I wish there was a way to dump the active recurive-clients. Then
I could verify if there is really a problem or not. The dumpdb
command doesn't help because the requests presumably aren't in cache
yet. I'll dive into the source code and see what turns up.