<div dir="ltr">
<div>Hello all,</div><div> Long time lurker on the message list and would like some performance and/or tuning advice.</div><div>We've been using pdns-recursor as internal recursive nameservers for quite some time now.</div><div>The original implementer of pdns departed and I was recently tasked with replacing or upgrading all of the servers with newer RHEL9 versions. I opted to build fresh and migrate the configuration to the latest 5.2 release.<br><br></div><div>I'm
hearing occasional complaints about odd issues and/or clients cycling
through their DNS servers rapidly (timeouts?). Manual testing DNS works but I
am reading through the metrics and performance documentation. I am
hoping someone with a more experienced eye could take a look at a
sampling of the periodic statistics report (below) and provide some
insight or prioritization on any urgent issues I should focus on
studying first.<br><br></div><div>My observations:<br></div><div></div><div>* I
do note that the performance documentation talks about
firewalld/stateful firewalls impact but the legacy servers were using
the same basic setup. If the firewall is the problem is there a way to
validate this (other than stopping firewalld and waiting)?<br></div><div>*
The "worker" threads seem evenly distributed to my novice eye and our
qps (queries per second) rate is low as I would expect since the name
servers are internal only resources.</div><div>* I ran a few pcaps and
rec_control trace-regex for specific domain items being reported as
problematic. Everything seemed to be working with the trace-regex always
showing "Step3 Final resolve: No Error/6 or 8".</div><br><div>Thank you in advance for your time and consideration.<br></div><div><br></div><div>Sincerely,</div><div>Scotsie<br></div><div><br></div><div>```<br>Apr
17 16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Periodic statistics
report" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.170" cache-entries="23666" negcache-entries="497"
questions="6831695" record-cache-acquired="286931329" record-cache-contended="64414" record-cache-contended-perc="0.02" record-cache-hitratio-perc="0.87"<br>Apr
17 16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Periodic statistics
report" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.170" packetcache-acquired="16887684" packetcache-contended="1019" packetcache-contended-perc="0.01" packetcache-entries="7112" packetcache-hitratio-perc="37.75"<br>Apr
17 16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Periodic statistics
report" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.170" edns-entries="38" failed-host-entries="50"
non-resolving-nameserver-entries="0" nsspeed-entries="968" saved-parent-ns-sets-entries="65" throttle-entries="8"<br>Apr
17 16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Periodic statistics
report" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.170" concurrent-queries="1" dot-outqueries="0"
idle-tcpout-connections="0" outgoing-timeouts="36594"
outqueries="14668546" outqueries-per-query-perc="214.71" tcp-outqueries="3131" throttled-queries-perc="1.90"<br>Apr
17 16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Periodic statistics
report" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.170" taskqueue-expired="0" taskqueue-pushed="540"
taskqueue-size="0"<br>Apr 17 16:07:28 nsrecdns01-1 pdns-recursor[1092]:
msg="Queries handled by thread" subsystem="stats" level="0" prio="Info"
tid="0" ts="1744920448.170" count="3470098" thread="0" tname="worker"<br>Apr
17 16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Queries handled by
thread" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.170" count="3360836" thread="1" tname="worker"<br>Apr 17
16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Queries handled by
thread" subsystem="stats" level="0" prio="Info" tid="0"
ts="1744920448.171" count="764" thread="2" tname="tcpworker"<br>Apr 17
16:07:28 nsrecdns01-1 pdns-recursor[1092]: msg="Periodic QPS report"
subsystem="stats" level="0" prio="Info" tid="0" ts="1744920448.171"
averagedOver="1800" qps="117"</div><div>```</div>
</div>