This is on an embedded system, i.e. a 4-core AMD64 low-power machine with 16GB
of memory, that uses 2GB of that as a tmpfs.
90% would cripple the system. I’m going to try 10% (after all, it’s only doing
name service for 200 machines, maybe 450 RRs, and more than have of the
machines are IoTs that talk to a small number of external hosts).
It’s computing the max-cache-size that I’ve set:
Jun 8 21:34:08 OpenWrt named[8106]: /etc/bind/named.conf:42: 'max-cache-size
10%' - setting to 171MB (out of 1714MB)
but no idea where the 1741MB that it is basing that off of is coming from.
Just restarted the service, waited 2 minutes, and redid “rndc stats”:
+++ Statistics Dump +++ (1749440599)
++ Incoming Requests ++
476 QUERY
21 UPDATE
++ Incoming Queries ++
260 A
2 NS
3 SOA
4 PTR
2 MX
42 TXT
66 AAAA
12 SRV
9 NAPTR
11 SVCB
65 HTTPS
++ Outgoing Rcodes ++
387 NOERROR
66 NXDOMAIN
21 NOTAUTH
++ Outgoing Queries ++
[View: default]
643 A
449 NS
1 SOA
1 PTR
2 MX
17 TXT
91 AAAA
2 SRV
2 NAPTR
76 DS
26 DNSKEY
74 HTTPS
[View: _bind]
++ Name Server Statistics ++
497 IPv4 requests received
134 requests with EDNS(0) received
21 requests with TSIG received
21 requests with invalid signature
474 responses sent
134 responses with EDNS(0) sent
21 responses with TSIG sent
325 queries resulted in successful answer
18 queries resulted in authoritative answer
435 queries resulted in non authoritative answer
62 queries resulted in nxrrset
66 queries resulted in NXDOMAIN
315 queries caused recursion
23 duplicate queries received
24 Recursive clients high-water
476 UDP queries received
++ Zone Maintenance Statistics ++
2 IPv4 notifies sent
++ Resolver Statistics ++
[Common]
[View: default]
1384 IPv4 queries sent
1381 IPv4 responses received
62 NXDOMAIN received
3 truncated responses received
497 query retries
3 query timeouts
346 IPv4 NS address fetches
689 DNSSEC validation attempted
414 DNSSEC validation succeeded
275 DNSSEC NX validation succeeded
1274 queries with RTT 10-100ms
106 queries with RTT 100-500ms
1 queries with RTT 500-800ms
4 bucket size
1334 COOKIE send with client cookie only
50 COOKIE sent with client and server cookie
160 COOKIE replies received
150 COOKIE client ok
3 bad cookie rcode
2 priming queries
[View: _bind]
4 bucket size
++ Cache Statistics ++
[View: default]
6324 cache hits
26 cache misses
578 cache hits (from query)
498 cache misses (from query)
0 cache records deleted due to memory exhaustion
38 cache records deleted due to TTL expiration
303 covering nsec returned
1799 cache database nodes
2 cache NSEC auxiliary database nodes
0 cache database hash buckets
988056 cache tree memory in use
32992 cache heap memory in use
[View: _bind (Cache: _bind)]
0 cache hits
0 cache misses
0 cache hits (from query)
0 cache misses (from query)
0 cache records deleted due to memory exhaustion
0 cache records deleted due to TTL expiration
0 covering nsec returned
0 cache database nodes
0 cache NSEC auxiliary database nodes
0 cache database hash buckets
39370 cache tree memory in use
224 cache heap memory in use
++ Cache DB RRsets ++
[View: default]
1250 A
326 NS
95 CNAME
12 SOA
1 PTR
2 MX
10 TXT
773 AAAA
38 DS
111 RRSIG
2 NSEC
22 DNSKEY
3 HTTPS
70 !NS
4 !TXT
13 !AAAA
1 !NAPTR
71 !DS
25 !HTTPS
58 NXDOMAIN
[View: _bind (Cache: _bind)]
++ ADB stats ++
[View: default]
1174 Addresses in hash table
1316 Names in hash table
[View: _bind]
++ Socket I/O Statistics ++
1398 UDP/IPv4 sockets opened
22 TCP/IPv4 sockets opened
1382 UDP/IPv4 sockets closed
6 TCP/IPv4 sockets closed
2 UDP/IPv4 socket connect failures
1 TCP/IPv4 socket connect failures
1381 UDP/IPv4 connections established
3 TCP/IPv4 connections established
3 TCP/IPv4 connections accepted
20 UDP/IPv4 sockets active
25 TCP/IPv4 sockets active
++ Per Zone Query Statistics ++
++ Per Zone Glue Cache Statistics ++
[redfish-solutions.com]
[168.192.in-addr.arpa]
[localhost]
[127.in-addr.arpa]
[0.in-addr.arpa]
[255.in-addr.arpa]
[tiktok.com]
[.]
[10.IN-ADDR.ARPA]
[16.172.IN-ADDR.ARPA]
[17.172.IN-ADDR.ARPA]
[18.172.IN-ADDR.ARPA]
[19.172.IN-ADDR.ARPA]
[20.172.IN-ADDR.ARPA]
[21.172.IN-ADDR.ARPA]
[22.172.IN-ADDR.ARPA]
[23.172.IN-ADDR.ARPA]
[24.172.IN-ADDR.ARPA]
[25.172.IN-ADDR.ARPA]
[26.172.IN-ADDR.ARPA]
[27.172.IN-ADDR.ARPA]
[28.172.IN-ADDR.ARPA]
[29.172.IN-ADDR.ARPA]
[30.172.IN-ADDR.ARPA]
[31.172.IN-ADDR.ARPA]
[64.100.IN-ADDR.ARPA]
[65.100.IN-ADDR.ARPA]
[66.100.IN-ADDR.ARPA]
[67.100.IN-ADDR.ARPA]
[68.100.IN-ADDR.ARPA]
[69.100.IN-ADDR.ARPA]
[70.100.IN-ADDR.ARPA]
[71.100.IN-ADDR.ARPA]
[72.100.IN-ADDR.ARPA]
[73.100.IN-ADDR.ARPA]
[74.100.IN-ADDR.ARPA]
[75.100.IN-ADDR.ARPA]
[76.100.IN-ADDR.ARPA]
[77.100.IN-ADDR.ARPA]
[78.100.IN-ADDR.ARPA]
[79.100.IN-ADDR.ARPA]
[80.100.IN-ADDR.ARPA]
[81.100.IN-ADDR.ARPA]
[82.100.IN-ADDR.ARPA]
[83.100.IN-ADDR.ARPA]
[84.100.IN-ADDR.ARPA]
[85.100.IN-ADDR.ARPA]
[86.100.IN-ADDR.ARPA]
[87.100.IN-ADDR.ARPA]
[88.100.IN-ADDR.ARPA]
[89.100.IN-ADDR.ARPA]
[90.100.IN-ADDR.ARPA]
[91.100.IN-ADDR.ARPA]
[92.100.IN-ADDR.ARPA]
[93.100.IN-ADDR.ARPA]
[94.100.IN-ADDR.ARPA]
[95.100.IN-ADDR.ARPA]
[96.100.IN-ADDR.ARPA]
[97.100.IN-ADDR.ARPA]
[98.100.IN-ADDR.ARPA]
[99.100.IN-ADDR.ARPA]
[100.100.IN-ADDR.ARPA]
[101.100.IN-ADDR.ARPA]
[102.100.IN-ADDR.ARPA]
[103.100.IN-ADDR.ARPA]
[104.100.IN-ADDR.ARPA]
[105.100.IN-ADDR.ARPA]
[106.100.IN-ADDR.ARPA]
[107.100.IN-ADDR.ARPA]
[108.100.IN-ADDR.ARPA]
[109.100.IN-ADDR.ARPA]
[110.100.IN-ADDR.ARPA]
[111.100.IN-ADDR.ARPA]
[112.100.IN-ADDR.ARPA]
[113.100.IN-ADDR.ARPA]
[114.100.IN-ADDR.ARPA]
[115.100.IN-ADDR.ARPA]
[116.100.IN-ADDR.ARPA]
[117.100.IN-ADDR.ARPA]
[118.100.IN-ADDR.ARPA]
[119.100.IN-ADDR.ARPA]
[120.100.IN-ADDR.ARPA]
[121.100.IN-ADDR.ARPA]
[122.100.IN-ADDR.ARPA]
[123.100.IN-ADDR.ARPA]
[124.100.IN-ADDR.ARPA]
[125.100.IN-ADDR.ARPA]
[126.100.IN-ADDR.ARPA]
[127.100.IN-ADDR.ARPA]
[254.169.IN-ADDR.ARPA]
[2.0.192.IN-ADDR.ARPA]
[100.51.198.IN-ADDR.ARPA]
[113.0.203.IN-ADDR.ARPA]
[255.255.255.255.IN-ADDR.ARPA]
[0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA]
[1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA]
[D.F.IP6.ARPA]
[8.E.F.IP6.ARPA]
[9.E.F.IP6.ARPA]
[A.E.F.IP6.ARPA]
[B.E.F.IP6.ARPA]
[8.B.D.0.1.0.0.2.IP6.ARPA]
[EMPTY.AS112.ARPA]
[HOME.ARPA]
[RESOLVER.ARPA]
[version.bind (view: _bind)]
[hostname.bind (view: _bind)]
[authors.bind (view: _bind)]
[id.server (view: _bind)]
--- Statistics Dump --- (1749440599)
> On Jun 8, 2025, at 8:48 PM, Ondřej Surý <ond...@isc.org> wrote:
>
> Does the named report proper max-cache-size into the log when starting?
>
> Something like:
>
> 'max-cache-
> size 90%' - setting to 86522MB (out of 96136MB)
>
> Ondrej
> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do not feel
> obligated to reply outside your normal working hours.
>
>> On 8. 6. 2025, at 22:45, Philip Prindeville via bind-users
>> <bind-users@lists.isc.org> wrote:
>>
>> I’m currently doing an “rndc flush” every hour to stop my system from
>> getting exhausted. I’ll disable that and report back in a few hours.
>
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
