[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bind 9.2.2 recursive lookup problem

On Thu, Jun 12, 2003 at 06:45:40AM -0700, Bruce Banner wrote:
>    We are currently experiencing a problem with bind9 looking up some
>    recursive queries.  The problem doesn't seem to be following any
>    certain domain and it usually occurs sporadically.  I can't seem to
>    recreate it either only our email server is able to recreate
>    it.  There are no errors in any of the logs and we are only running at
>    1 percent cpu utilization and spiking at 6 percent only for split
>    seconds.  There is no swapping going on, we are running strictly out
>    of memory.  Right now we are averaging 100-150 queries per/second.
>    This problem doesn't seem to be happening for domains we are
>    authoritative for.  Do you guys have any ideas?

Have you got any firewall's between you and the big bad world? I've seen
Checkpoint FW-1 dropping DNS UDP packets, claiming they were badly formed
and part of an attack, when afaics they were fine, coming from a BIND 9.2.1
debian box.

(Sorry for being off-topic for the list etc...)


-simonm (E: simon@asidua.com W: +44 28 9072 5060 M: +44 7710 836915)
Pound! Bang! Bin! Bash! is this a shell script or a Batman comic?

Reply to: