<html><head></head><body><div>Following is the configuration file. The strace output is attached here</div><div><br></div><div><a href="https://drive.google.com/file/d/1lRBNr6PB83zdbfMVtSKbzZ5ZKipy140f/view?usp=sharing">https://drive.google.com/file/d/1lRBNr6PB83zdbfMVtSKbzZ5ZKipy140f/view?usp=sharing</a></div><div><br></div><div><br></div><div>controlSocket('127.0.0.1:5199')</div><div>setConsoleACL('127.0.0.1/32')</div><div>setKey("KEY")</div><div><br></div><div>-- Add Listeners, one entry for each CPU Core for v4 and v6</div><div>addLocal("0.0.0.0:53", {reusePort=true}) -- Listen on IPv4, port 53</div><div>addLocal("0.0.0.0:53", {reusePort=true}) </div><div>addLocal("0.0.0.0:53", {reusePort=true}) </div><div>addLocal("0.0.0.0:53", {reusePort=true}) </div><div>addLocal("[::]:53", {reusePort=true}) -- Listen to IPv6 port 53</div><div>addLocal("[::]:53", {reusePort=true})</div><div>addLocal("[::]:53", {reusePort=true})</div><div>addLocal("[::]:53", {reusePort=true})</div><div><br></div><div>-- Backend Servers, adding multiple UDP threads for backends to handle more load</div><div>newServer({name="Caching-048-3-1", address="10.12.48.3", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-048-3-2", address="10.12.48.3", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-048-4-1", address="10.12.48.4", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-048-4-2", address="10.12.48.4", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-188-3-1", address="10.12.188.3", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-188-3-2", address="10.12.188.3", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-188-4-1", address="10.12.188.4", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div>newServer({name="Caching-188-4-2", address="10.12.188.4", maxCheckFailures=3, checkInterval=5, rise=3, weight=5, qps=2500})</div><div><br></div><div>-- Allow clients IPs to connect</div><div>addACL("100.64.0.0/10")</div><div>addACL("2001:d000::/32")</div><div><br></div><div>-- Limit /32 ipv4 and /128 ipv6 to 40 (burst10) /80 (burst20) QPS</div><div>-- addAction(MaxQPSIPRule(50,32,128,10), DelayAction(500))</div><div>addAction(MaxQPSIPRule(100,32,128,20), DropAction())</div><div><br></div><div>setServerPolicy(leastOutstanding)</div><div><br></div><div>-- Enable DNS query caching</div><div>-- 300K entries with avg 512B would take about 150MB of RAM</div><div>pc = newPacketCache(300000, {maxTTL=86400, minTTL=0, temporaryFailureTTL=60, staleTTL=60, dontAge=false})</div><div>getPool(""):setCache(pc)</div><div><br></div><div>-- Enable Webserver</div><div>webserver("0.0.0.0:8083", "PASSWORD", "API-KEY", {}, "192.168.19.0/24")</div><div><br></div><div>-- Graphing Statistics</div><div>carbonServer("37.252.122.50", "NTL-DNSLB-GD-01", 30, "dnsdist", "main")</div><div class="-x-evo-signature-wrapper"><span class="-x-evo-signature" id="6f6306a32ce29e35715041312434da4c565f761b"><pre><br></pre><pre>Regards</pre><pre><br></pre><pre>Jahanzeb</pre></span></div><div><br></div><div>On Thu, 2020-12-24 at 09:56 +0100, Remi Gacogne via dnsdist wrote:</div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><div>Hi,<br></div><div><br></div><div>On 12/24/20 7:25 AM, Jahanzeb Arshad via dnsdist wrote:<br></div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><div>We have deployed two instances of dnsdist v1.5.1 on CentOS 7.9. After <br></div><div>running for 7-8 days both the machines start showing erratic CPU usage <br></div><div>pattern. The CPU usage jumps to 40% then 0 and the servers keep on doing <br></div><div>this. If the process is restarted this is fixed. Need some help to <br></div><div>identify and fix this issue.<br></div></blockquote><div><br></div><div>Would you mind posting the dnsdist configuration you are using, after <br></div><div>redacting passwords and API keys, of course?<br></div><div><br></div><div>It would also be very helpful if you could do a "strace -f -p <pid of <br></div><div>dnsdist>" for a few seconds after the process has started acting out. <br></div><div>Getting a backtrace might also help, which can be done by attaching a <br></div><div>debugger via "gdb -p <pid of dnsdist>" then issuing "thread apply all bt <br></div><div>full".<br></div><div><br></div><div>Best regards,<br></div></blockquote></body></html>