Re: Interaction of -S and recursive-clients?
On 05/17/2012 12:20 PM, Chris Thompson wrote: > Our local university-wide recursive nameservers have > > options { /* ... */ > recursive-clients 5000; > } > > This is meant to be reached only at very bad times indeed. During a recent > network partition incident, I noticed that named logged > > named: general: error: socket: file descriptor exceeds limit (4096/4096) > last message repeated 1194 times > named: general: error: socket: file descriptor exceeds limit (4096/4096) > last message repeated 780 times > > a few seconds before it started on > > named: client: warning: client 131.111.***.***#*: recursive-clients > soft limit exceeded (4901/4900/5000), aborting oldest query > > As far as I can see, the only way to increase the socket limit is to use > -S in the named argument list. Should one always set this (at least as) > high as the recursive-clients setting? (Actually, I am more tempted to > try decreasing recursive-clients from 5000 to 4000 as these numbers are > reached only when the network has gone pear-shaped anyway.) > It looks like you are reaching an OS limit for open files. On linux, you can check this with 'ulimit -n'. Determining the limit will vary for other operating systems. On what OS are you running BIND? ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
dlz_dlopen plug-in for ENUM from LDAP
I've recently released a dlz ENUM module for the bind9 nameserver: http://www.opentelecoms.org/dlz-ldap-enum Basically, it handles ENUM queries from repro, FreeSWITCH, Kamailio, Asterisk, Lumicall, etc, searches for the phone number in LDAP, and if found, returns the email address as both a SIP address and Jabber address (NAPTR records) This should make it even easier than ever before to get federated VoIP up and running using email addresses interchangeably with phone numbers. If the data already exists in LDAP as an address book, then just installing this module is sufficient to get up and running. This code is based on the dlz_ldap code in bind 9.8.0. Looking through the git repo it is possible to see how to adapt the statically linked dlz_ldap to work as a dlz_dlopen module, completely dynamically. I'd be interested in any feedback about the way it has been implemented. Regards, Daniel ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Interaction of -S and recursive-clients?
Our local university-wide recursive nameservers have options { /* ... */ recursive-clients 5000; } This is meant to be reached only at very bad times indeed. During a recent network partition incident, I noticed that named logged named: general: error: socket: file descriptor exceeds limit (4096/4096) last message repeated 1194 times named: general: error: socket: file descriptor exceeds limit (4096/4096) last message repeated 780 times a few seconds before it started on named: client: warning: client 131.111.***.***#*: recursive-clients soft limit exceeded (4901/4900/5000), aborting oldest query As far as I can see, the only way to increase the socket limit is to use -S in the named argument list. Should one always set this (at least as) high as the recursive-clients setting? (Actually, I am more tempted to try decreasing recursive-clients from 5000 to 4000 as these numbers are reached only when the network has gone pear-shaped anyway.) -- Chris Thompson Email: c...@cam.ac.uk ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: nsupdate fails on CNAME but A and PTR goes through
sort of a false alarm nsupdate with FQDN(dot) did work!(???) On 17/05/12 12:03, lejeczek wrote: hi everybody when I do: > server 127.0.0.1 > zone ccnr.biotechnology. > update add second 86400 in cname first > send update failed: NOTZONE in log I get: May 17 11:59:10 whale named[2910]: debug level is now 5 May 17 12:00:28 whale named[2910]: client 127.0.0.1#33465: view biotech: signer "nsupdate_key" approved May 17 12:00:28 whale named[2910]: client 127.0.0.1#33465: view biotech: updating zone 'ccnr.biotechnology/IN': update failed: update RR is outside zone (NOTZONE) any help greatly apreciated thanks! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: nsupdate fails on CNAME but A and PTR goes through
> > server 127.0.0.1 > > zone ccnr.biotechnology. > > update add second 86400 in cname first > > send > update failed: NOTZONE Have you tried specifying qualified names? update add second.ccnr.biotechnology. 86400 in cname first.ccnr.biotechnology. -JP ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
nsupdate fails on CNAME but A and PTR goes through
hi everybody when I do: > server 127.0.0.1 > zone ccnr.biotechnology. > update add second 86400 in cname first > send update failed: NOTZONE in log I get: May 17 11:59:10 whale named[2910]: debug level is now 5 May 17 12:00:28 whale named[2910]: client 127.0.0.1#33465: view biotech: signer "nsupdate_key" approved May 17 12:00:28 whale named[2910]: client 127.0.0.1#33465: view biotech: updating zone 'ccnr.biotechnology/IN': update failed: update RR is outside zone (NOTZONE) any help greatly apreciated thanks! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users