A couple of weeks ago, we experienced an outage on our external Internet links. Ideally, this shouldn't affect queries for internal resources - we expect those queries to continue to be answered.
That being said, we saw a bunch of messages in our logs such as: client 192.168.1.2#56075: no more recursive clients (1000/0/1000): quota reached It's my understanding that by default, BIND limits the number of concurrent recursive queries to 1000, so obviously during these situations, we need to raise our client limit (recursive-clients) to deal with this. What I'm curious about is how BIND behaves when it can't finish iterative queries: when someone queries for yahoo.com, and the root (or .com, yahoo.com) nameservers aren't reachable, does BIND then issue a SERVFAIL response (assuming yes)? How long will BIND wait before returning SERVFAIL? At what point does BIND assume a domain is down altogether? What's the behavior then? In other words, how do we keep ourselves from being overwhelmed with unanswerable queries during a network outage? John _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
