On Aug 28, 2009, at 8:59 AM, Dave Sparro wrote:
On Thu, Aug 27, 2009 at 12:17 PM, Niall
O'Reilly<niall.orei...@ucd.ie> wrote:
Lisa Casey wrote:
Aug 26 12:48:56 netlink named[295]: client 207.191.185.6#60614: no
more
recursiv
e clients: quota reached
Any ideas on how I should go about solving/fixing this?
I'ld suggest you check your connectivity and routing.
We see this behaviour occasionally, but only ever as a
consequence of a back-hoe incident or similar catastrophe
which
isolates one of our campuses where there is a local resolving
server.
Although it may not be a problem on your end of the network. You
could be seeing a spike in DNS queries because somebody really, really
wants to talk to a remote location that is having problems.
DNStop may be able to help you pinpoint what DNS queries are giving
you problems:
http://dns.measurement-factory.com/tools/dnstop/
Run it on the DNS server to see if there are any queries that you are
seeing get repeated continuously.
--
Dave
I concur. 1000 is a lot of simultaneous queries. Perhaps your site
is busy enough to generate that many "legitimate" queries, but
hitting that 1000 mark can also be a symptom of something slowing or
black-holing queries. When I've seen "quota reached" logging,
typically further investigation reveals that there were network
connectivity
issues at the time.
Your example of 564/1000, if that's typical suggests that perhaps you
truly do have enough
normal queries to top out occasionally. On the other hand, if you
usually see fewer than
100, but it occasionally shoots to 1000, that could be a specific app
doing something
(e.g., monthly web access log analysis), but could also be network
issues.
(In some cases, it might be useful to set up a separate nameserver
dedicated to the
demanding app.)
The age of the queries can also be revealing.
John
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
