Re: [Pdns-users] Problems with PowerDNS

Tue, 10 Nov 2015 13:12:49 -0800

I suppose sense you have dnssec=yes, you are using dnssec, This will cause a lot of sql queries.
pdns is using 100% cpu of a single core, did you try adjusting receiver-threads >1 probably for that box set it to 4 and test, maybe higher even. 


Since I don't know much about what your pdns server is doing (and I  
haven't had issues on mine), I assume the dnssec dynamic signing is  
eating your cpu, and it only has one worker thread to do it with,  
limiting it to a single core.


I could be completely wrong.


Quoting "Nadir M. Aliyev" <ad...@bakinter.net>:


Dear Peter van Dijk, my connection link is 1000Gbps, server hardware  
from cisco ucs. There is no problem with hardware. But mysql uses  
huge resources even not zone in db it sends 4-5 queries to the db.



I used percone tools to optimize mysql configuration. But it  
decreased cpu usage only 10%. I have 10.000 query per second.


Maybe I need do some tuning on TTLs?

-----Original Message-----

From: pdns-users-boun...@mailman.powerdns.com  
[mailto:pdns-users-boun...@mailman.powerdns.com] On Behalf Of Peter  
van Dijk

Sent: 10 noyabr 2015, çərşənbə axşamı 16:58
To: pdns-users@mailman.powerdns.com
Subject: Re: [Pdns-users] Problems with PowerDNS

Hello Nadir,


based on the logs, it looks like your powerdns has trouble reaching  
the Internet at all. Are you on a slow or congested link? Note that  
in general your machine looks quite busy!


Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

On 10 Nov 2015, at 13:01, Nadir M. Aliyev wrote:


Hi everyone!



I have problems with some domains



For ex. When I do google.com sometimes I get ns records but sometimes
I get SERFVAIL also it happens basically with google. When I restrart
pdns it works normally for 5 minutes. Then again SERVFAIL.



Strange, some domains works some not works.. Even if cache hits.

I increased cache ttls not helped.



Server details: 8 core cpu, 8 GB of Ram.

Load: pdns 100%, mysql 120%, pdns-recursor 30%, network 40 mbps.





Some logs:

Nov 10 15:33:08 ns01 pdns_recursor[15237]: Sending SERVFAIL to
127.0.0.1
during resolve of 'gm-realm.net.' because: Too much time waiting for
gm-realm.net.|A, timeouts: 5, throttles: 1, queries: 6, 7578msec

Nov 10 15:33:09 ns01 pdns_recursor[15237]: Sending SERVFAIL to
127.0.0.1
during resolve of 'gm-realm.net.' because: Too much time waiting for
gm-realm.net.|A, timeouts: 5, throttles: 2, queries: 6, 7504msec

Nov 10 15:33:12 ns01 pdns_recursor[15237]: Sending SERVFAIL to
127.0.0.1
during resolve of 'gm-realm.net.' because: Too much time waiting for
gm-realm.net.|A, timeouts: 5, throttles: 3, queries: 6, 7502msec

Nov 10 15:33:13 ns01 pdns_recursor[15237]: Sending SERVFAIL to
127.0.0.1
during resolve of 'us.micardapi.micloud.xiaomi.net.' because: Too much
time waiting for us.api.micloud.mi.com.|A, timeouts: 5, throttles: 0,
queries: 7,
7709msec

Nov 10 15:33:18 ns01 pdns_recursor[15237]: Sending SERVFAIL to
127.0.0.1
during resolve of 'www.coocent.net.' because: Too much time waiting
for s-149179.abc188.com.|A, timeouts: 5, throttles: 0, queries: 8,
8093msec

Nov 10 15:33:18 ns01 pdns_recursor[15237]: Sending SERVFAIL to
127.0.0.1
during resolve of 'www.6ud1.com.' because: Too much time waiting for
www.6ud1.com.|A, timeouts: 5, throttles: 0, queries: 6, 7502msec

Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 1787915 questions,
497334
cache entries, 86066 negative entries, 11% cache hits

Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: throttle map: 6856,
ns
speeds: 29645

Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: outpacket/query
ratio 49%, 11% throttled, 0 no-delegation drops

Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 211 outgoing tcp
connections, 1 queries running, 50712 outgoing timeouts

Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 322566 packet cache
entries, 61% packet cache hits

Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 926 qps (average
over 1930
seconds)



Config:



I have one master server which replicates db to the four slave server.



# cat recursor.conf

..

hint-file=/etc/pdns/named.root

allow-from=127.0.0.0/8

local-address=127.0.0.1

local-port=5353

version-string=Bind Recursor

..



# cat /etc/pdns/pdns.conf

..

launch=gmysql

gmysql-host=127.0.0.1

gmysql-port=3306

gmysql-user=p_owerdns

gmysql-password=verysecretpassword

gmysql-dbname=p_ owerdns

gmysql-dnssec="yes"



#allow to customers

allow-recursion=127.0.0.1/8, 172.16.0.0/16, 10.0.0.0/8,
xxx.xxx.xxx.xxx/16



#master

#allow-axfr-ips=172.16.6.30



local-address=0.0.0.0

local-port=53



control-console=no



query-cache-ttl=18600

cache-ttl=18600

default-ttl=7200

soa-expire-default=18600

soa-minimum-ttl=3600

soa-refresh-default=10800

soa-retry-default=3600



daemon=yes



default-soa-name=ns.master.mydomain.net



distributor-threads=18



guardian=yes



#lazy-recursion=yes



master=no

slave=yes

slave-cycle-interval=600



max-tcp-connections=100

max-queue-length=50000



recursor=127.0.0.1:5353



out-of-zone-additional-processing=yes



webserver=yes

webserver-address=172.16.6.34

webserver-password=adminadminadmin

webserver-port=8081

webserver-print-arguments=yes



#loglevel=9

#log-dns-details=yes

#log-dns-queries=yes

#query-logging=yes



version-string=Bind Resolver

..

_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users


_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users


_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users





_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users






















					Reply via email to