On 24/12/2019 02:25, Jackson Yap wrote:

We realised when we do a pdns_control notify '*', many AXFRs cannot be transferred to our pdns slave. We have about 500+ zones in total.

Only when we do specific domain notify like pdns_control notify 'example.com', it will work properly.

My question is, what settings could have provided mass pdns notify from working properly?

I'd suggest you try using tcpdump to look at what's happening. Some thoughts:

1. Notifies are sent over UDP.  Maybe when you try to send 500 UDP packets simultaneously, some of them are being thrown away (e.g. some buffer is overflowing).  tcpdump at the receiving server(s) too if possible.

2. Maybe when there are too many incoming connections, some are being rejected (look for R[ST] as the response). See https://docs.powerdns.com/authoritative/settings.html#max-tcp-connections

3. Maybe your backend database is slow and can't handle that many concurrent AXFRs.

As for solutions: maybe you're better avoiding doing pdns_control notify "*".  One way would be to spread your notifies over a minute or two.  Another would be to use native replication between your backend databases, which avoids the need for AXFR completely.

_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
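
One way to do the "spread your notifies over a minute or two" suggestion from the reply above, as an added example that is not part of the original thread. It assumes you supply a file with one zone name per line; `paced_notify` and `NOTIFY_CMD` are names invented for this sketch, and only `pdns_control notify <zone>` comes from the thread.

```shell
#!/bin/sh
# Added example (not from the original thread): pace NOTIFYs over a time
# window instead of sending them all at once with `pdns_control notify '*'`.
# Assumption: the zone file (one zone name per line, '#' comments allowed)
# is supplied by the operator.

# Command run once per zone; override to dry-run, e.g. NOTIFY_CMD=echo.
: "${NOTIFY_CMD:=pdns_control notify}"

# paced_notify WINDOW_SECONDS ZONEFILE
# Sends ceil(total/window) notifies per second, so the whole list takes
# roughly WINDOW_SECONDS. Prints "sent=N failed=M" when done.
paced_notify() {
    window=$1
    zonefile=$2
    # Count usable lines: non-empty and not starting with '#'.
    total=$(grep -c '^[^#]' "$zonefile") || total=0
    [ "$total" -gt 0 ] || { echo "sent=0 failed=0"; return 0; }
    [ "$window" -ge 1 ] || window=1

    per_second=$(( (total + window - 1) / window ))
    sent=0 failed=0 in_batch=0

    while IFS= read -r zone || [ -n "$zone" ]; do
        case $zone in ''|'#'*) continue ;; esac
        # stdin is redirected so the command cannot consume the zone list.
        if $NOTIFY_CMD "$zone" >/dev/null </dev/null; then
            sent=$((sent + 1))
        else
            failed=$((failed + 1))
            echo "notify failed: $zone" >&2
        fi
        in_batch=$((in_batch + 1))
        # Pause after each full batch, but not after the final zone.
        if [ "$in_batch" -ge "$per_second" ] &&
           [ $((sent + failed)) -lt "$total" ]; then
            sleep 1
            in_batch=0
        fi
    done < "$zonefile"
    echo "sent=$sent failed=$failed"
}

# Stand-alone use: ./paced-notify.sh 120 zones.txt
if [ "$#" -eq 2 ]; then paced_notify "$1" "$2"; fi
```

With 500 zones and a 120 second window this sends 5 notifies per second, which keeps the number of AXFRs the slave starts at any one moment small enough to compare against the tcpdump observations suggested in the reply.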
