On 04/12/2015 12:34, Tony Finch wrote: > Søren Andersen <s...@stofa.dk> wrote: >> >> I'm experiencing some strange problems with my bind installation. - I >> notice my bind recv-q is quite high sometimes.. therefore my DNS clients >> can experience DNS lookup to take 1-4 secs. My bind is running on a 4 >> core vm I VMware with 8Gb ram. - At peak I receive app. 700-800 QPS. - >> The load is 20-40% on each CPU core. - I've also configured 2 RPZ zones. > > Is your server an open resolver being used as part of a DDoS attack? > > Do you have compromised client machines running malware that hammers your > server? > > Find out where the queries are coming from using netflow or tcpdump or > query logging. > > Tony.
Also, if your server is not well-connected (if you have slow or intermittent packet drops) between your server and the Internet, then you might be affected by a defect in the prefetch implementation that can impact performance for some server environments. See https://kb.isc.org/article/AA-01315 and see if disabling prefetch helps in your environment. (The problem that this article talks about will be fixed in 9.10.4). _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
