BIND and/or IPFW weirdness
Doug Barton
DougB at FreeBSD.org
Tue Apr 22 00:48:47 PDT 2003

First, you should really buy, and read, "DNS and BIND, Fourth Edition." It
should help you get a better understanding of how the pieces fit together.

On Mon, 21 Apr 2003, Blake Swensen wrote:

> I have two systems (RELENG_4_3 vintage).

Well, you should definitely consider upgrading. A number of bugs have been
fixed since 4.3.

> Both are running BIND 8.4.3-REL

You have a time machine? :) The current version is 8.3.4.

> and both are running IPFW. One is acting as master DNS and the
> other is acting as slave for IP4 zones

DNS zones have no notion of IPv4 or IPv6. The contents of the zones might,
but the zones themselves don't.

> (about 65 domain names) outside our firewall. I also have an internal
> DNS server resolving our private addresses.
>
> Last week the named on the slave server started to peg systat's pig load
> to about 88%. After confirming that this wasn't a DOS attack with my
> ISP, I am still unable to get the DNS to calm down.... now the process
> load has extended to the master and systat is reporting about 90% load.
>
> Cannot determine why these systems are being hammered --

Have you turned on query logging? That should give you a pretty good idea.
Instructions for this are in the BIND docs. If you turn that on and don't
see actual queries, then it's time to tcpdump the traffic.

HTH,

Doug

--
This .signature sanitized for your protection
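
An added example, not part of the original message: once query logging is on, tallying the log by client and by question shows what is hammering the server. The line layout (`XX+/client/name/type/class`), the host name and the sample lines are assumptions constructed for illustration; adjust the pattern to what your named actually writes.

```python
import re
from collections import Counter

# Assumed layout of a BIND 8 query-log entry: XX[+]/client/qname/qtype/qclass
# ("+" is taken to mean the query asked for recursion).
QUERY_RE = re.compile(
    r"XX(?P<rd>\+?)\s*/(?P<client>[^/\s]+)/(?P<qname>[^/\s]+)"
    r"/(?P<qtype>[^/\s]+)/(?P<qclass>[^/\s]+)"
)

# Constructed sample lines (documentation addresses and names), not real traffic.
SAMPLE_LOG = """\
Apr 21 10:00:01 ns2 named[214]: XX+/192.0.2.10/www.example.com/A/IN
Apr 21 10:00:01 ns2 named[214]: XX /198.51.100.7/example.com/MX/IN
Apr 21 10:00:02 ns2 named[214]: XX+/192.0.2.10/www.example.com/A/IN
Apr 21 10:00:02 ns2 named[214]: XX+/192.0.2.10/WWW.example.com./A/IN
Apr 21 10:00:03 ns2 named[214]: XX /203.0.113.5/example.net/SOA/IN
Apr 21 10:00:03 ns2 named[214]: XX+/192.0.2.10/mail.example.com/A/IN
Apr 21 10:00:04 ns2 named[214]: Ready to answer queries.
"""

def parse_queries(text):
    """Yield (client, qname, qtype, recursion_desired) for each query line."""
    for line in text.splitlines():
        m = QUERY_RE.search(line)
        if m is None:
            continue  # not a query entry (startup notices, transfers, ...)
        # DNS names are case-insensitive; drop the trailing dot so that
        # "WWW.example.com." and "www.example.com" count as one question.
        qname = m["qname"].lower().rstrip(".") or "."
        yield m["client"], qname, m["qtype"].upper(), m["rd"] == "+"

def summarize(text, top=3):
    """Count queries per client and per (name, type) question."""
    clients, questions = Counter(), Counter()
    total = recursive = 0
    for client, qname, qtype, rd in parse_queries(text):
        total += 1
        recursive += rd
        clients[client] += 1
        questions[(qname, qtype)] += 1
    return {"total": total, "recursive": recursive,
            "top_clients": clients.most_common(top),
            "top_questions": questions.most_common(top)}

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```

One client or one question dominating the tally is the lead to follow; an empty tally on a busy server is the case where the message above says to move on to tcpdump.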
More information about the freebsd-isp mailing list