Hi
Just FYI, I just encountered the same issue with bind and DNSSEC.
Bind was using 100% CPU, even after a restart.
Turns out that were a key in the managed-keys folder which was
unreadable by bind (permission issue).
Hope It can help.
Arnaud Houdelette.
On 05/01/2012 01:24, George Kontostanos wrote:
Greetings everyone,
I was testing DNSSec resolution on BIND 9.8.1-P1 by adding the
following options:
options {
...
dnssec-enable yes;
dnssec-validation auto;
...
};
Unfortunately immediately after named is restarted one CPU reaches
100% utilization.
CPU: 30.1% user, 0.0% nice, 23.6% system, 0.0% interrupt, 46.3% idle
Mem: 111M Active, 14M Inact, 255M Wired, 852K Cache, 3558M Free
Swap: 2048M Total, 2048M Free
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
2178 bind 5 20 0 51364K 13828K kqread 0 0:17 84.18% named
The system is running GENERIC kernel, and it not an authoritative DNS.
Mainly used for testing purposes. My logs don't show anything strange:
Jan 5 02:03:55 hp named[2178]: starting BIND 9.8.1-P1 -t /var/named -u bind
Jan 5 02:03:55 hp named[2178]: built with '--prefix=/usr'
'--infodir=/usr/share/info' '--mandir=/usr/share/man'
'--enable-threads' '--enable-getifaddrs' '--disable-linux-caps'
'--with-openssl=/usr' '--with-randomdev=/dev/random' '--without-idn'
'--without-libxml2'
Jan 5 02:03:55 hp named[2178]: using built-in root key for view _default
Jan 5 02:03:55 hp named[2178]: command channel listening on 127.0.0.1#953
Jan 5 02:03:55 hp named[2178]: command channel listening on ::1#953
an 5 02:03:55 hp named[2178]: running
Anybody has come across a similar behavior ?
Cheers,
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
