Re: thousands of RFails bring namserver down (Bind Users forum, DNS and Related Forums)
wolf,
if you look back in the bind-ml archive you will find some posts from me with a similar problem. It's a general problem of recursive nameservers: they might be over-utilized by retrying to bring an answer for a recursive request. You have to live with it, you can blackhole the client, or you can set up a master zone for that queried domain with a very high TTL (not years :-) ) and answer the request, which should be cached in the originating nameserver. I am not sure if this is completely legal but it saved my "life" :-) several times. You can as well mark it bogus and avoid the queries to the remote nameserver being retried.

In my case I am trying to separate the recursive and nonrecursive DNS services so not everything is impacted when the recursive servers have to do a lot of work. You can as well use some load balancers or L4-7 switches; some of them can filter the traffic on DNS level and prevent such traffic from reaching your DNS even if it is distributed. You can as well use some tools to monitor DNS traffic and script some tools to do the blocking/blackholing automatically.

Hope you will still read this since I have missed 2-3 months in the mailing list and have to catch up now :-)

Ladislav

wolf_qwert wrote:

>Hi,
>
>I am running a bind8 nameserver and have a problem with thousands of
>queries to my nameserver for a nameserver that currently seems to be
>down. During the last hour the RFail count went up 698202! My
>nameserver gets the queries from one client (and my problem is, that I
>don't have access to this client) and starts to send every query out -
>waits for the timeout and tries again. In the end the server sends the
>query back unanswered to the client as it should. The result is that
>the CPU is at 100% and no normal query gets answered in an acceptable
>time. Now I have 3 questions:
>1. Is there no way to tell the named to cache the information that the
>nameserver is currently not answering?
>2. Should not the client store the information that the server is not
>available?
>3. Is there a client that is known for sending thousands of queries if
>it gets no correct answer?
>Any hints are welcome!
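The last suggestion in the reply above (monitor DNS traffic and script the blackholing) could look like the following; this is an added example, not code from either poster. It assumes a BIND 9-style query log line format, a hypothetical ACL name `auto_blackhole`, illustrative thresholds, and constructed sample log lines using documentation addresses.

```python
import ipaddress
import re
from collections import Counter, defaultdict, deque
from datetime import datetime

# Assumed BIND 9-style querylog line; adapt the pattern to your server's log format.
LINE = re.compile(r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2})\.\d+ .*?"
                  r"client (?P<ip>[0-9A-Fa-f.:]+)#\d+.*?: query: (?P<name>\S+) IN ")

def find_abusers(lines, window_s=60, threshold=100):
    """Return {client_ip: (peak queries in any window, most-queried name)}."""
    recent = defaultdict(deque)   # client -> timestamps still inside the window
    names = defaultdict(Counter)  # client -> how often each name was asked
    peak = Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue              # skip non-query or malformed lines
        ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()           # drop timestamps that fell out of the window
        peak[m["ip"]] = max(peak[m["ip"]], len(q))
        names[m["ip"]][m["name"].lower().rstrip(".")] += 1
    return {ip: (n, names[ip].most_common(1)[0][0])
            for ip, n in peak.items() if n >= threshold}

def acl_fragment(abusers, acl_name="auto_blackhole"):
    """Render a named.conf acl; reference it from the blackhole option."""
    # Re-validate each address (raises ValueError) so a crafted log line
    # cannot inject text into the generated configuration.
    ips = sorted(str(ipaddress.ip_address(ip)) for ip in abusers)
    return f"acl {acl_name} {{\n" + "".join(f"    {ip};\n" for ip in ips) + "};\n"

# Constructed sample: one client sends 300 queries in 30 s for a dead zone,
# another client sends three ordinary queries.
SAMPLE = [f"15-Mar-2024 10:00:{i // 10:02d}.000 client 192.0.2.66#40000: "
          "query: www.dead.example IN A +" for i in range(300)]
SAMPLE += [f"15-Mar-2024 10:00:{s:02d}.000 client 198.51.100.7#5353: "
           "query: www.example.org IN A +" for s in (1, 20, 40)]

if __name__ == "__main__":
    print(acl_fragment(find_abusers(SAMPLE)))
```

The most-queried name reported per client is the candidate for the `bogus` server or local master zone approach described in the reply.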