On 04/04/2022 10:41, Jeroen Koekkoek wrote:
Hi Jeroen,
There's two things that can be done to reduce the amount of memory
required. 1) Disable the on-disk database. i.e. 'database: ""' in the
configuration file. 2) (Re)compile NSD with --disable-radix-tree, as
the radix tree requires more memory to operate.
We are already running NSD without an on-disk database.
Wouter had suggestion in an old message that disabling the radix tree
might give us about 10% gain. So this might help us briefly, until the
steady growth of zone sizes triggers this issue again.
A tip from a colleague was to change the kernel overcommit value. I
have no experience with this, so you/we'd have to test this (happy to
look into this further). Allowing the kernel to always overcommit
allows the fork to succeed even though double the memory is not
available. The rationale here being that when a zone is updated, it's
not the entire size of the RAM, only some pages get overwritten and
therefore could do the trick.
This is an interesting approach, and I could even try adding swap to the
server. We currently don't create any swap partitions on our servers.
I'm thinking the other, perhaps bigger, problem here is the stray
transfers that are left behind(?) There's some work being done on
slightly altering the behavior for zone transfers in porting zone
verification (CreDNS) to NSD. That should already improve the situation
quite a bit as only a certain window is being retried instead of all
current transfers before proceeding. Maybe, after that's in, we could
look into adding an option to throttle updates (not discussed with the
team).
Yes, this issue is still a problem. It's not just stray transfers. In
our case, once the master nsd process died, and wasn't replaced, xfrd
kept performing transfers, and saving them to disk. The log file also
kept growing, and rotation didn't work. The disappearance of the master
process wasn't noticed.
Regards,
Anand
_______________________________________________
nsd-users mailing list
nsd-users@lists.nlnetlabs.nl
https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
