Yes, I read that last night before posting. I changed it to "256M". Is there a way using rndc to see if that "took"?
And how do I see how much of the cache has been used? I don't want to provision more than necessary. This server acts as a secondary DNS entry for about 6000 broadband customers and is an authoritative DNS server for 100+ domains. Frank -----Original Message----- From: Fr34k [mailto:freaknet...@yahoo.com] Sent: Friday, January 16, 2009 8:45 AM To: frnk...@iname.com; bind-users@lists.isc.org Subject: Re: SERVFAIL issues Hello, Has the "max-cache-size" setting in named.conf been considered? If not, note that in early releases of 9.5.x max-cache-size is 32M by default instead of unlimited as in 9.4.x >From the CHANGES file with the bind-9.5.0-P2 source: ""max-cache-size" defaults to 32M" Using: max-cache-size 0 ; will restore previous behavior (unlimited). The ultimate setting would need to be considered for the environment BIND is running in. FWIW, we use max-cache-size 0 ; without issue. You can search this list archives for max-cache-size for previous discussions on this. Thanks. ----- Original Message ---- From: Frank Bulk <frnk...@iname.com> To: bind-users@lists.isc.org Sent: Thursday, January 15, 2009 6:57:10 PM Subject: SERVFAIL issues http://marc.info/?l=bind-users&m=122239920822324&w=2 http://marc.info/?l=bind-users&m=122243068905656&w=2 We upgraded to 9.5.0-P1 when the Kaminsky DNS vulnerability was announced and have had intermittent issues with SERVFAIL problems for some DSL modems that don't properly fail over to a secondary DNS server. A packet capture showed that certain domains would result in a SERVFAIL, and once that domain was identified, if we did a dig against it we had the same result. We've had to stop and start the named service about half a dozen times this fall to resolve the issue. We upgraded to 9.5.0-P2 in early November, hoping that this issue would be resolved. But today we experienced the problem again. A customer couldn't query a site, although everything seemed correct. I captured all their traffic and the trace showed that the DNS server was issuing a SERVFAIL. I stopped and then started named and immediately all was well. Since we sometimes reload named when adding/modifying domains, or at other times use rndc, I'm not sure if that "cleared" things up such that this is the first time I recall having this problem in 2 months. Is this intermittent SERVFAIL issue resolved in 9.5.1-P1? Frank _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
