I just tried to start BIND 9.16.25 on a server with 88 vCPUs, running
CentOS 7. Systemd is used to start BIND, and it emits the following:
general: notice: starting BIND 9.16.25 (Extended Support Version)
<id:3e14423>
general: notice: running on Linux x86_64 3.10.0-1160.24.1.el7.x86_64 #1
SMP Thu Apr 8 19:51:47 UTC 2021
general: notice: built with '--build=x86_64-redhat-linux-gnu'
'--host=x86_64-redhat-linux-gnu' '--program-prefix='
'--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64'
'--libexecdir=/usr/libexec' '--localstatedir=/var'
'--sharedstatedir=/var/lib' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--sysconfdir=/etc/named' '--disable-static'
'--with-libtool' '--with-pic' '--without-python'
'build_alias=x86_64-redhat-linux-gnu'
'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong
--param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic'
'LDFLAGS=-Wl,-z,relro '
'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
general: notice: running as: named -f -L /var/log/named/named.log -u named
general: notice: compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-44)
general: notice: compiled with OpenSSL version: OpenSSL 1.0.2k-fips 26
Jan 2017
general: notice: linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
general: notice: compiled with zlib version: 1.2.7
general: notice: linked to zlib version: 1.2.7
general: notice: adjusted limit on open files from 4096 to 1048576
general: info: found 88 CPUs, using 88 worker threads
general: info: using 88 UDP listeners per interface
general: info: using up to 21000 sockets
network: info: listening on IPv4 interface lo, 127.0.0.1#53
...
network: info: listening on IPv6 interface lo, ::1#53
...
general: info: sizing zone task pool based on 5486 zones
...
general: notice: command channel listening on 127.0.0.1#953
general: info: configuring command channel from '/etc/named/rndc.key'
general: error: socket: file descriptor exceeds limit (46474/21000)
general: notice: couldn't add command channel ::1#953: not enough free
resources
...
The server has many IP addresses. In named.conf, there are 129 IPv6
addresses in the "listen-on-v6" option and 128 IPv4 addresses in the
"listen-on" option. The server begins running, but then repeatedly emits
this log:
general: error: socket: file descriptor exceeds limit (46474/21000)
If I start named with "-n 8 -U 16", then I don't see these messages.
Does ISC have any guidance on running BIND on systems with lots of
processors, and how to tune the values of "-n" and "-U"? The values I'm
using now (8 and 16 respectively) were determined by trial and error for
a system with 32 vCPUs.
Regards,
Anand
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
