[Pdns-users] TCP Queries stop - can only fix with restart?

Matt Gibson m.gibson at voxip.ca
Tue Oct 18 18:07:35 UTC 2005 

Hi Bert!,

bert hubert wrote:
> Two things stand out - you use the recursor bypass and you have 250 IP
> addresses PowerDNS listens on.
>
> Do you have a lot of recursion traffic? Perhaps from mail servers?
>   
Yeah we do :).

We have about 130+ Windows boxes, that use IIS SMTP, which seems to
ONLY query using TCP. They send mail, so queries for SMTP transactions is
common, and there are also scripts that run on various sites which could 
cause lookups

We also have a few Exim mailservers that are using it for authorative 
and recursive lookups too.

>> Oct 17 23:02:10 ns1 pdns[5800]: TCP nameserver had error, cycling 
>> backend:EOF trying to get length of answer from remote TCP server
>> Oct 17 23:02:21 ns1 pdns[5800]: TCP server is without backend 
>> connections, launching
>>     
>
> Do you get a lot of these messages? Or only one? Does this message come just
> befor things fail? Or during?
>   
Yeah, there's quite a few of these messages in the logs. They seem to 
happen during the failure, before the
failure, then again after the restart. I think it's related, but not the 
actual error that's produced when PDNS
tcp queries die out.

>> Can you check next time how many of those TCP connections were from the
>> nameserver to the recursor?
>>     
I took another look at the previous log, and cut out all connections 
except for the ones using 5300, and
this is the result I got:

udp        0      0 127.0.0.1:29094         127.0.0.1:5300          
ESTABLISHED
tcp       33      0 127.0.0.1:5300          127.0.0.1:46985         
ESTABLISHED
tcp        0      0 127.0.0.1:46985         127.0.0.1:5300          
ESTABLISHED
udp        0      0 127.0.0.1:29094         127.0.0.1:5300          
ESTABLISHED

> This is the first report like this. Most nameservers don't get a lot of
> TCP queries, so that part of PowerDNS might hide bugs. I've seen Exchange
> servers do a lot of TCP traffic to nameservers, so I'm interested in hearing
> of what is using your nameservers as recursor.
>   
Thanks a lot for helping us get to the bottom of this. I have a sneaky 
suspicion that it is entirely because
of MS IIS SMTP servers doing all their lookups over TCP, but I could be 
wrong :)

Thanks again,
Matt

More information about the Pdns-users mailing list