On 6/19/15, 4:07 PM, "bind-users-boun...@lists.isc.org on behalf of
/dev/rob0"
wrote:
>On Fri, Jun 19, 2015 at 02:55:23PM -0500, I wrote:
>> On Thu, Jun 18, 2015 at 11:11:16PM +,
>>Mike Hoskins (michoski) wrote:
>snip
>> Note that connection tracking can be a problem upstream as well,
>>
On Fri, Jun 19, 2015 at 02:55:23PM -0500, I wrote:
> On Thu, Jun 18, 2015 at 11:11:16PM +,
>Mike Hoskins (michoski) wrote:
snip
> Note that connection tracking can be a problem upstream as well,
> for the same reasons as described in the article. I would still
> turn off conntrack for UD
On Thu, Jun 18, 2015 at 11:11:16PM +,
Mike Hoskins (michoski) wrote:
> On 6/18/15, 7:09 PM, "Stuart Browne"
> wrote:
>
> >Just wondering. You mention you're using RHEL6; are you also
> >getting messages in 'dmesg' about connection tracking tables being
> >full? You may need some 'NOTR
On 6/19/15, 1:16 PM, "bind-users-boun...@lists.isc.org on behalf of Reindl
Harald" wrote:
>Am 19.06.2015 um 18:44 schrieb Mike Hoskins (michoski):
>> I suppose the only way to avoid any "intermediate" firewalls would be to
>> place everything you run on a LAN segment hanging directly off your
>>
Am 19.06.2015 um 18:44 schrieb Mike Hoskins (michoski):
I suppose the only way to avoid any "intermediate" firewalls would be to
place everything you run on a LAN segment hanging directly off your
router/Internet drop with host based firewalls
well, if the router is from Cisco and has NAt ena
On 6/19/15, 5:07 AM, "bind-users-boun...@lists.isc.org on behalf of Matus
UHLAR - fantomas" wrote:
>>On 6/18/15, 7:09 PM, "Stuart Browne"
>>wrote:
>>>Just wondering. You mention you're using RHEL6; are you also getting
>>>messages in 'dmesg' about connection tracking tables being full? You
>>
On 6/18/15, 7:09 PM, "Stuart Browne"
wrote:
Just wondering. You mention you're using RHEL6; are you also getting
messages in 'dmesg' about connection tracking tables being full? You may
need some 'NOTRACK' rules in your iptables.
On 18.06.15 23:11, Mike Hoskins (michoski) wrote:
Just follow
Inline...
On 6/18/15, 9:22 AM, "Cathy Almond" wrote:
>On 18/06/2015 12:00, Matus UHLAR - fantomas wrote:
>> On 17.06.15 22:39, Shawn Zhou wrote:
>>> BIND on my resolvers reaches the max open file limit and I am getting
>>> lots
>>> of SERVFAILs
>>> http://pastebin.com/SxRsHLff
>>
>>> After I i
On 6/18/15, 7:09 PM, "Stuart Browne"
wrote:
>Just wondering. You mention you're using RHEL6; are you also getting
>messages in 'dmesg' about connection tracking tables being full? You may
>need some 'NOTRACK' rules in your iptables.
Just following along, for the record... On our side, iptabl
ies from your system
and notify us immediately.
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Mike Hoskins (michoski)
Sent: Friday, 19 June 2015 2:28 AM
To: Matus UHLAR - fantomas; bind-users@lists.isc.org
Subject: Re: file
Inline...responding to each of these including Kathy's soon (thanks to the
community for the responses). Following with interest as we've seen this
for awhile, though we are possibly a special case which I'll describe more
in another response.
On 6/18/15, 7:00 AM, "Matus UHLAR - fantomas" wrote
On 18/06/2015 12:00, Matus UHLAR - fantomas wrote:
> On 17.06.15 22:39, Shawn Zhou wrote:
>> BIND on my resolvers reaches the max open file limit and I am getting
>> lots
>> of SERVFAILs
>> http://pastebin.com/SxRsHLff
>
>> After I increased the max-socks (-s 8192) to 8192, I no longer saw the
>>
On 17.06.15 22:39, Shawn Zhou wrote:
BIND on my resolvers reaches the max open file limit and I am getting lots
of SERVFAILs
http://pastebin.com/SxRsHLff
After I increased the max-socks (-s 8192) to 8192, I no longer saw the file
limit error from the log anymore; however, I am still many SERVF
13 matches
Mail list logo
