Re: New BIND 4 & 8 Vulnerabilities
On Mon, Nov 18, 2002 at 11:06:06AM -0800, Jeremy C. Reed wrote:
> On Sun, 17 Nov 2002, Craig Sanders wrote:
>
> > FYI, doesn't look like the memory leaks have been fixed:
> >
> > # ps v -Cnamed
> > PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
> > 6799 ? S 0:00 111 232 336175 200968 39.1 /usr/sbin/named -u bind
> > 6801 ? S 0:00 0 232 336175 200968 39.1 /usr/sbin/named -u bind
> > 6802 ? S 466:10 2757 232 336175 200968 39.1 /usr/sbin/named -u bind
> > 6803 ? S 0:04 1 232 336175 200968 39.1 /usr/sbin/named -u bind
> > 6804 ? R 49:56 1 232 336175 200968 39.1 /usr/sbin/named -u bind
> >
> > this is on a machine where bind 8 used to use about 150MB. bind 9
> > has been running for only 4 days.
>
> What did that "ps v -Cnamed" show on the earlier and later days?

named (bind8) had been using about 150-160MB for over six months (it
secondaries a huge 75MB zonefile). i had to upgrade the memory in that machine
from 256MB to 512MB because of this...i finally got around to doing that 2
months ago. memory usage varied by no more than about 5MB at any given time,
mostly due to variations in the size of the zonefile it secondaries.

here's what i cut and pasted just before i upgraded to bind9:

bind 8.3.3-2:

# ps v -Cnamed
PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
437 ? R 2245:18 25633 494 159393 83608 16.2 /usr/sbin/named

and immediately after upgrading to bind9 9.2.1-5:

# ps v -Cnamed
PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
6799 ? S 0:00 111 232 192351 174124 33.9 /usr/sbin/named -u bind
6801 ? S 0:00 0 232 192351 174124 33.9 /usr/sbin/named -u bind
6802 ? S 5:57 189 232 192351 174124 33.9 /usr/sbin/named -u bind
6803 ? S 0:00 1 232 192351 174124 33.9 /usr/sbin/named -u bind
6804 ? S 0:16 1 232 192351 174124 33.9 /usr/sbin/named -u bind

4 days later, bind9 was consuming over 330MB as the quoted 'ps v' shows above.
so i changed back to bind 8.

i installed bind8 version 8.3.3-3 a few days ago, and memory consumption is
back to what it was:

# ps v -Cnamed
PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
32705 ? S 114:42 842 494 157641 152428 29.7 /usr/sbin/named -u bind -g bind

as far as i am concerned, this is sufficient evidence that bind9 has serious
memory consumption problems. this is exactly why i stopped experimenting with
earlier versions of bind9 on another machine over 6 months ago, and why i
started experimenting with alternatives like djbdns and maradns (unfortunately,
neither of these are adequate as complete replacements for bind - they make OK
caching-only servers but i wouldn't use them as authoritative servers).

this whole exercise has had one benefit at least, i finally set it up to run as
user bind rather than as root.

craig
--
craig sanders <cas@taz.net.au>
Fabricati Diem, PVNC.
-- motto of the Ankh-Morpork City Watch