Sorry for arriving late and making points that might go without saying
but...
On Mon, Nov 12, 2012, at 05:23 PM, Ed LaFrance wrote:
> Hello Alan -
>
> Of course you are right, my bad.
>
> Here's the entirety of my named.conf - there's nothing pertaining to
> logging in here, so I guess that mea
@lists.isc.org] on behalf of Florian Weimer
[f...@deneb.enyo.de]
Sent: Sunday, November 11, 2012 13:46
To: Ed LaFrance
Cc: bind-users@lists.isc.org
Subject: Re: Need to improve named performance
* Ed LaFrance:
> Running BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 on a quadcore xeon server
>
On Mon, 12 Nov 2012, Ed LaFrance wrote:
> Currently I'm not using query logging, it's not in my options at all.
I think "rndc querylog" was used to enable it (even if no corresponding
logging configuration). You can use it again to toggle it off. "rndc
status" will show if query logging is on
The developer of some software we use has come up with this and it
appears to work:
logging{
channel error_log {
file "/var/log/bind.log" versions 3 size 5m;
severity error;
print-time yes;
print-severity yes;
print-category yes;
};
category default{
error_log;
};
};
On 11/12/2012 8:49 AM, Davi
On Mon, 12 Nov 2012, Ed LaFrance wrote:
Hello Alan -
Of course you are right, my bad.
Here's the entirety of my named.conf - there's nothing pertaining to logging
in here, so I guess that means that 'log everything' is the default. I would
only want to log critical named errors, so if anyone
Hello Alan -
Of course you are right, my bad.
Here's the entirety of my named.conf - there's nothing pertaining to
logging in here, so I guess that means that 'log everything' is the
default. I would only want to log critical named errors, so if anyone
has syntax they have my gratitude:
opt
In article ,
Ed LaFrance wrote:
> Hello Alan -
>
> Currently I'm not using query logging, it's not in my options at all.
> Are you saying that named logging by syslog into /var/log/messages is
> controlled by named.conf? Seems unlikely, I'd think it would be a
> function of syslog.conf. I'm
On Nov 12, 2012, at 10:58 AM, Ed LaFrance wrote:
> Currently I'm not using query logging, it's not in my options at all. Are you
> saying that named logging by syslog into /var/log/messages is controlled by
> named.conf? Seems unlikely, I'd think it would be a function of syslog.conf.
> I'm t
On 11/12/2012 5:58 PM, Ed LaFrance wrote:
Hello Alan -
Currently I'm not using query logging, it's not in my options at all.
Are you saying that named logging by syslog into /var/log/messages is
controlled by named.conf? Seems unlikely, I'd think it would be a
function of syslog.conf. I'm trying
Hello Alan -
Currently I'm not using query logging, it's not in my options at all.
Are you saying that named logging by syslog into /var/log/messages is
controlled by named.conf? Seems unlikely, I'd think it would be a
function of syslog.conf. I'm trying to learn more about it but I'm
swamped
On Nov 12, 2012, at 10:23 AM, Ed LaFrance wrote:
> I've been corresponding with several people on this issue but no one had
> questioned that when I pointed it out.
I don't think I'd seen the logging stanza, but yes, logging to syslog is a bad
thing, and logging queries to syslog is even wors
On 12/11/12 15:23, Ed LaFrance wrote:
I really don't need this kind of logging in the messages log. I can turn
on query logging in the named.conf if I need more detail on named. I
think the simplest thing would just be to have an exclusion in the
syslog config for named. I confess some general i
Hello Florian -
You are my hero and new best friend. I stopped syslog:
[root@ns1 lisinc]# /sbin/service syslog stop
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
...and all the problems cleared up instantl
Hi there,
On Mon, 12 Nov 2012, Ed LaFrance wrote:
... No idea on ip_conntrack. How do I check and if so, what setting
should I try and how do I do it?
Look for something like
/proc/sys/net/netfilter/ip_conntrack_tcp_timeout_established
and cat it to the terminal. It will just be a number (
* Ed LaFrance:
> Thanks for chiming in. Named is PID 8349 in my case. Here's a snippet
> of the output from strace:
> [pid 8351] send(3, "<30>Nov 11 13:07:25 named[8349]:"..., 107,
> MSG_NOSIGNAL) = 107 <0.015232>
> [pid 8353] send(3, "<30>Nov 11 13:07:25 named[8349]:"..., 103,
> [pid 8353]
64("/etc/localtime",
[pid 8353] futex(0x9b6aecc, FUTEX_WAIT_PRIVATE, 2, NULL
[pid 8350] <... stat64 resumed> {st_mode=S_IFREG|0644, st_size=2819,
...}) = 0 <0.76>
[pid 8350] stat64("/etc/localtime", {st_mode=S_IFREG|0644,
st_size=2819, ...}) = 0 <0.000
; The bottom line is: I need to improve named performance. Tcpdump only
> shows about 20 requests per second on average, I would estimate. This
> should be handled easily, but instead it's gagging on it and the
> requests are stacking up.
Something is stalling the named process. Try to
644 556 S 0.0 0.0 0:01.08 init
The bottom line is: I need to improve named performance. Tcpdump only
shows about 20 requests per second on average, I would estimate. This
should be handled easily, but instead it's gagging on it and the
requests are stacking up. If you have any ideas,
Hi there,
On Sun, 11 Nov 2012, Ed LaFrance wrote:
Running BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 ...
Somebody already said upgrade. Generally that's the first thing to do
in a case like this (before asking on mailing lists:).
The issue is that named is not keeping up with rdns requests. The
Hello Alan -
It's also worth noting that, since I have more IPs on the box than the
ones that are designated as nameservers, and since I have dns listening
on all addresses, I can query named using one of the non-nameserver IPs
- and it works fine! For instance:
nslookup x.x.x.29 y.y.y.114
S
Hello Alan -
I will do an upgrade as soon as I get chance - a bit tied up right now.
But in any case, since I posted this I've done some query logging for a
bit and find that I'm getting an average of about 60 queries per second.
All the dns queries are coming in via udp - the connections I me
On Nov 10, 2012, at 1:39 PM, Ed LaFrance wrote:
> When I check the router above this server I'll see 200 - 500 legitimate
> connections to this server at any given time.
Having sent my snarky "update" e-mail, I now ask... you say later in the mail
that you are doing about 20 queries per secon
On Nov 10, 2012, at 1:39 PM, Ed LaFrance wrote:
> Running BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5
Before everyone else says it... upgrade.
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
__
init
The bottom line is: I need to improve named performance. Tcpdump only
shows about 20 requests per second on average, I would estimate. This
should be handled easily, but instead it's gagging on it and the
requests are stacking up. If you have any ideas, I welcome your input.
Here's
24 matches
Mail list logo
