Chris St Denis wrote: > Wojciech Puchar wrote: >> possible reasons >> - your firewall rules are the cause - check it. > > Nope > > eureka# ipfw list > >> - your network card produce problems (REALLY i have that case) > > I have had this kind of error on multiple servers over the years, so > i don't think it's a hardware problem. > >> - the network/LAN named tries to sent UDP packet is somehow flooded. > > Dns is probably fairly busy. It's the primary authorative dns for > some busy domains. Is there a setting I can do to increase the > limits of UDP packets to keep it from causing problems? > > The server is approaching it's 10 mbps interface speed during peak > hours, I may need to upgrade it to 100mbps.
The 10Mb ceiling (provided by your ifconfig output) could be a damper on this. What type of device is em1 attached to? Is it a switch or a hub? Is it possible to upgrade this? You should upgrade it to 100 (or 1000) anyways. Does this device show any collisions? Can you do the following for a few minutes (until at least the problem is triggered): # tcpdump -n -i em1 proto 17 port 53 -s -w /var/log/dns.pcap ...and then: # mail -s "tcpdump output" st...@ipv6canada.com < /var/log/dns.pcap Is this server a caching recursive server for internal clients, or an authoritative server? What else runs on this box? If you generate further network traffic over the interface, do the log entries pile up faster? What does: # netstat -s -p udp say? I'd focus squarely on the 10Mbps cap first. That should be easy to test and eliminate. Then, once that is rectified, we can find out whether it's an inherent problem with the system. Steve
Description: S/MIME Cryptographic Signature