Hi there,

On Sun, 11 Nov 2012, Ed LaFrance wrote:

> Running BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 ...
Somebody already said upgrade. Generally that's the first thing to do in a case like this (before asking on mailing lists:).
> The issue is that named is not keeping up with rdns requests. The nameserver is only doing rdns, and it's the only public process on the server (no webhosting, monitoring, etc). When I check the router above this server I'll see 200 - 500 legitimate connections to this server at any given time. ...
I'm not convinced that BIND is the problem. What does 'top' tell you? Are you running netfilter/iptables on the box? Might be ip_conntrack. I once had an issue with a lot of dropped TCP connections, each of which was hanging around for five days (the default). They filled the connection tracking table. The default is too long, ridiculously so. After I reduced it to something more reasonable the problem went away.

--
73, Ged.
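An added example, not part of the original message: a shell check for the condition described above, comparing the connection-tracking table's fill level with its limit and flagging a long established-TCP timeout. The function name, the 80% warning level and the one-day timeout threshold are assumptions chosen for illustration; the sysctl file names are the standard Linux ones (nf_conntrack_* on current kernels, ip_conntrack_* on older ones).

```shell
#!/bin/sh
# conntrack_check DIR PREFIX [WARN_PCT] [MAX_TIMEOUT_SECS]
#   DIR/PREFIX select the sysctl files, e.g.
#     /proc/sys/net/netfilter       nf_conntrack   (current kernels)
#     /proc/sys/net/ipv4/netfilter  ip_conntrack   (older kernels)
#   WARN_PCT and MAX_TIMEOUT_SECS are illustrative defaults (assumptions).
# Returns 0 if nothing was flagged, 1 on a finding, 2 if files are unreadable.
conntrack_check() {
    dir=$1; prefix=$2; warn_pct=${3:-80}; max_timeout=${4:-86400}

    for f in count max tcp_timeout_established; do
        if [ ! -r "$dir/${prefix}_$f" ]; then
            echo "unreadable: $dir/${prefix}_$f"
            return 2
        fi
    done

    count=$(cat "$dir/${prefix}_count")
    max=$(cat "$dir/${prefix}_max")
    timeout=$(cat "$dir/${prefix}_tcp_timeout_established")
    if [ "$max" -le 0 ]; then
        echo "invalid max: $max"
        return 2
    fi

    pct=$(( count * 100 / max ))
    findings=0
    echo "table: $count/$max entries (${pct}%)"

    # A full table makes the kernel drop packets for new connections.
    if [ "$pct" -ge "$warn_pct" ]; then
        echo "WARN: table at or above ${warn_pct}% of its limit"
        findings=1
    fi
    # Stale entries for dead TCP connections stay until this timeout expires.
    if [ "$timeout" -gt "$max_timeout" ]; then
        echo "WARN: established TCP timeout is ${timeout}s ($(( timeout / 86400 )) days)"
        findings=1
    fi
    return $findings
}

# Run against the live system only when asked to: ./script --live
if [ "${1:-}" = "--live" ]; then
    conntrack_check /proc/sys/net/netfilter nf_conntrack
fi
```

On a kernel that still uses the older names, call it as conntrack_check /proc/sys/net/ipv4/netfilter ip_conntrack.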