[Pdns-users] PDNS Recursor on Debian / Low performance !!!URGENT!!!!
bert hubert
bert.hubert at netherlabs.nl
Tue Feb 8 07:51:47 UTC 2011
On Mon, Feb 07, 2011 at 11:52:37AM +0000, Maroon Ibrahim wrote:
>
> WOW! Thanks for the info Bert :)
>
> The Debian server that hosts PDNS Cursor doesn't apply any iptable rule...
> but this server is behind a firewall (MikorTik Router) and this firewall
> has tracking feature turned on...maybe because of that!!! and my
> uplstream connection is only 1 Mbps full fiber.
1Mbps is not enough for high performance DNS operations, as tested by
queryperf. The 'MikorTik router' is probably also smoked out from your
tests, especially by the 'tracking feature'.
Sorry, there is little that can be done about this.
Bert
>
> Anyways, my concern is to know that if I did the tweaks for the file descriptor mentioned earlier and run dpkg -i (yourlastestversion3.3-1).deb and fix the max-cache-entries and packet-entries would be enough??
>
>
> > Date: Mon, 7 Feb 2011 11:37:46 +0100
> > From: bert.hubert at netherlabs.nl
> > To: maroon_ibrahim at hotmail.com
> > CC: pdns-users at mailman.powerdns.com
> > Subject: Re: [Pdns-users] PDNS Recursor on Debian / Low performance !!!URGENT!!!!
> >
> > On Mon, Feb 07, 2011 at 09:38:42AM +0000, Maroon Ibrahim wrote:
> > > all-outqueries 501740
> > > outgoing-timeouts 352596
> > > throttled-outqueries 76300
> >
> > This mostly tells the story. Your pdns_recursor has problems talking to the
> > network at sufficient speed. Either this is caused by you requiring too much
> > bandwidth, or by a firewall that gets upset by all the different UDP
> > 'sessions' it sees.
> >
> > Of 501k queries, 428k did not get answers. 352k were direct timeouts, 76k
> > were not even sent out by PowerDNS because it had a 'cached timeout'.
> >
> > > over-capacity-drops 31945
> >
> > You should increase 'max-mthreads' beyond 1024 after you have your network
> > fixed, you dropped 31945 queries because 1024 were already running.
> >
> > Fixing the network needs to happen upstream, this can't be done by PowerDNS.
> >
> > Good luck!
> >
> > Bert
>
More information about the Pdns-users
mailing list