On 17.06.15 22:39, Shawn Zhou wrote:
BIND on my resolvers reaches the max open file limit and I am getting lots
of SERVFAILs
http://pastebin.com/SxRsHLff
After I increased the max-socks (-s 8192) to 8192, I no longer saw the file
limit error from the log anymore; however, I am still many SERVF
On 18/06/2015 12:00, Matus UHLAR - fantomas wrote:
> On 17.06.15 22:39, Shawn Zhou wrote:
>> BIND on my resolvers reaches the max open file limit and I am getting
>> lots
>> of SERVFAILs
>> http://pastebin.com/SxRsHLff
>
>> After I increased the max-socks (-s 8192) to 8192, I no longer saw the
>>
Inline...responding to each of these including Kathy's soon (thanks to the
community for the responses). Following with interest as we've seen this
for awhile, though we are possibly a special case which I'll describe more
in another response.
On 6/18/15, 7:00 AM, "Matus UHLAR - fantomas" wrote
Just wondering. You mention you're using RHEL6; are you also getting messages
in 'dmesg' about connection tracking tables being full? You may need some
'NOTRACK' rules in your iptables.
STUART BROWNE
Senior Unix Administrator, Network Administrator, Database Admin
P +61 9866 3710
www.
On 6/18/15, 7:09 PM, "Stuart Browne"
wrote:
>Just wondering. You mention you're using RHEL6; are you also getting
>messages in 'dmesg' about connection tracking tables being full? You may
>need some 'NOTRACK' rules in your iptables.
Just following along, for the record... On our side, iptabl
Inline...
On 6/18/15, 9:22 AM, "Cathy Almond" wrote:
>On 18/06/2015 12:00, Matus UHLAR - fantomas wrote:
>> On 17.06.15 22:39, Shawn Zhou wrote:
>>> BIND on my resolvers reaches the max open file limit and I am getting
>>> lots
>>> of SERVFAILs
>>> http://pastebin.com/SxRsHLff
>>
>>> After I i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have multiple centos6 boxes running 9.10.2-P1, and almost everything
looks good. However, one box seems to not be doing dnssec validation. It
is possible that this behavior predates the latest updates and I just
never noticed it.
A and B have essent
In message <1434674101.18744.119.ca...@ns.five-ten-sg.com>, Carl Byington write
s:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I have multiple centos6 boxes running 9.10.2-P1, and almost everything
> looks good. However, one box seems to not be doing dnssec validation. It
> is possible
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 2015-06-19 at 11:10 +1000, Mark Andrews wrote:
> You don't have any trust anchors active.
> To use the keys in "/etc/named.iscdlv.key" set "dnssec-validation
> auto;"
Thanks!!
New centos rpms at http://www.five-ten-sg.com/mapper/bind with a
On Thu, Jun 18, 2015 at 07:26:28PM -0700, Carl Byington wrote:
> On Fri, 2015-06-19 at 11:10 +1000, Mark Andrews wrote:
> > To use the keys in "/etc/named.iscdlv.key" set "dnssec-validation
> > auto;"
> New centos rpms at http://www.five-ten-sg.com/mapper/bind with a default
> named.conf that shoul
10 matches
Mail list logo
