Re: questions on allow-query

2018-02-21 Thread Bob Harold
On Wed, Feb 21, 2018 at 8:18 AM, Tony Finch wrote: > Evan Hunt wrote: > > > > One thing to keep in mind, though, is that the two services will share > each > > other's fates. If I were deploying a really big high-traffic server, I > > might consider whether I

Re: DNS performance Help when query log is off -- which default parameters will impact the DNS performance

2018-02-21 Thread Paul Kosinski
Could it be that you're network limited? In any case, the values of the following parameters may be illuminating (they may be obtained via "rndc status"). CPUs found worker threads UDP listeners per interface For example, my very lightly loaded authoritative server reports: version:

Re: bind-users Digest, Vol 2842, Issue 2

2018-02-21 Thread Warren Kumari
use the recursive servers >> > are >> > in an HA cluster using keepalived and the health checker won't bring a >> > node into service until it has finished starting. >> > >> > Our authoritative servers ar

Re: bind-users Digest, Vol 2842, Issue 2

2018-02-21 Thread SIMON BABY
uff even when bits > of > >> > the network are broken. (Downstream validating resolvers will probably > >> > be > >> > out of luck tho.) This is about 70 zones, average size about 2MB, > >> > biggest > >> > about 30MB. But, we also have RPZ an

Re: questions on allow-query

2018-02-21 Thread Tony Finch
Evan Hunt wrote: > > One thing to keep in mind, though, is that the two services will share each > other's fates. If I were deploying a really big high-traffic server, I > might consider whether I wanted my recursive service to have to wait for > all the zones to load before it

Re: questions on allow-query

2018-02-21 Thread Barry Margolin
In article , "Darcy Kevin (FCA)" wrote: > Other than the master server(s), where there is no choice but to be > authoritative, at one end of the spectrum, and border resolvers, for which > there is no choice but to

RE: Help

2018-02-21 Thread Tony Finch
PENG, JUNAN wrote: > > Is there any way to adjust some default parameters to increase named > process CPU usage to improve system performance when query log is on ? No, because your problem is lock contention in BIND's logging code. But, if you compile a more recent version with

DNS performance Help when query log is off -- which default parameters will impact the DNS performance

2018-02-21 Thread PENG, JUNAN
Hi, Tony During my performance test, I also tested the performance without query logs. I disabled the query log feature , but it seemed that QPS couldn't go higher (about 75KQPS) when CPU still had lots of room -- Named CPU Usage was about 250%, but in theory it can reach to 400% (4

Help

2018-02-21 Thread PENG, JUNAN
Hi I encountered a weir performance issue: Virtual DNS running in VM - (Flavor 4 vCPU), in theory, the named process can reach to 400% Query Log is On: When Traffic is 35KQPS, Named Process CPU usage can reach to maximum 260% . but , Even if I increase the traffic to 70KQPS, the named

Re: Help

2018-02-21 Thread Tony Finch
PENG, JUNAN wrote: > > Why Query log off/on feature is impacting named CPU Usage ? It has to serialize query processing in order to write to the log, and that serialization barrier limits the parallelism that it can achieve (due to Amdahl's law). Tony. -- f.anthony.n.finch

Re: bind-users Digest, Vol 2842, Issue 2

2018-02-21 Thread SIMON BABY
s HA engineering on our > > auth servers, and I'm relatively relaxed about patching them, because I > > (foolishly?) trust other resolvers out on the Internet to make effective > > use of my secondaries. > > > > Tony. > > -- > > > Likewise. My resolver