[Pdns-users] Problems with PowerDNS
Patrick Domack
patrickdk at patrickdk.com
Tue Nov 10 21:08:05 UTC 2015
I suppose sense you have dnssec=yes, you are using dnssec, This will
cause a lot of sql queries.
pdns is using 100% cpu of a single core, did you try adjusting
receiver-threads >1 probably for that box set it to 4 and test, maybe
higher even.
Since I don't know much about what your pdns server is doing (and I
haven't had issues on mine), I assume the dnssec dynamic signing is
eating your cpu, and it only has one worker thread to do it with,
limiting it to a single core.
I could be completely wrong.
Quoting "Nadir M. Aliyev" <admin at bakinter.net>:
> Dear Peter van Dijk, my connection link is 1000Gbps, server hardware
> from cisco ucs. There is no problem with hardware. But mysql uses
> huge resources even not zone in db it sends 4-5 queries to the db.
>
> I used percone tools to optimize mysql configuration. But it
> decreased cpu usage only 10%. I have 10.000 query per second.
>
> Maybe I need do some tuning on TTLs?
>
> -----Original Message-----
> From: pdns-users-bounces at mailman.powerdns.com
> [mailto:pdns-users-bounces at mailman.powerdns.com] On Behalf Of Peter
> van Dijk
> Sent: 10 noyabr 2015, çərşənbə axşamı 16:58
> To: pdns-users at mailman.powerdns.com
> Subject: Re: [Pdns-users] Problems with PowerDNS
>
> Hello Nadir,
>
> based on the logs, it looks like your powerdns has trouble reaching
> the Internet at all. Are you on a slow or congested link? Note that
> in general your machine looks quite busy!
>
> Kind regards,
> --
> Peter van Dijk
> PowerDNS.COM BV - https://www.powerdns.com/
>
> On 10 Nov 2015, at 13:01, Nadir M. Aliyev wrote:
>
>> Hi everyone!
>>
>>
>>
>> I have problems with some domains
>>
>>
>>
>> For ex. When I do google.com sometimes I get ns records but sometimes
>> I get SERFVAIL also it happens basically with google. When I restrart
>> pdns it works normally for 5 minutes. Then again SERVFAIL.
>>
>>
>>
>> Strange, some domains works some not works.. Even if cache hits.
>>
>> I increased cache ttls not helped.
>>
>>
>>
>> Server details: 8 core cpu, 8 GB of Ram.
>>
>> Load: pdns 100%, mysql 120%, pdns-recursor 30%, network 40 mbps.
>>
>>
>>
>>
>>
>> Some logs:
>>
>> Nov 10 15:33:08 ns01 pdns_recursor[15237]: Sending SERVFAIL to
>> 127.0.0.1
>> during resolve of 'gm-realm.net.' because: Too much time waiting for
>> gm-realm.net.|A, timeouts: 5, throttles: 1, queries: 6, 7578msec
>>
>> Nov 10 15:33:09 ns01 pdns_recursor[15237]: Sending SERVFAIL to
>> 127.0.0.1
>> during resolve of 'gm-realm.net.' because: Too much time waiting for
>> gm-realm.net.|A, timeouts: 5, throttles: 2, queries: 6, 7504msec
>>
>> Nov 10 15:33:12 ns01 pdns_recursor[15237]: Sending SERVFAIL to
>> 127.0.0.1
>> during resolve of 'gm-realm.net.' because: Too much time waiting for
>> gm-realm.net.|A, timeouts: 5, throttles: 3, queries: 6, 7502msec
>>
>> Nov 10 15:33:13 ns01 pdns_recursor[15237]: Sending SERVFAIL to
>> 127.0.0.1
>> during resolve of 'us.micardapi.micloud.xiaomi.net.' because: Too much
>> time waiting for us.api.micloud.mi.com.|A, timeouts: 5, throttles: 0,
>> queries: 7,
>> 7709msec
>>
>> Nov 10 15:33:18 ns01 pdns_recursor[15237]: Sending SERVFAIL to
>> 127.0.0.1
>> during resolve of 'www.coocent.net.' because: Too much time waiting
>> for s-149179.abc188.com.|A, timeouts: 5, throttles: 0, queries: 8,
>> 8093msec
>>
>> Nov 10 15:33:18 ns01 pdns_recursor[15237]: Sending SERVFAIL to
>> 127.0.0.1
>> during resolve of 'www.6ud1.com.' because: Too much time waiting for
>> www.6ud1.com.|A, timeouts: 5, throttles: 0, queries: 6, 7502msec
>>
>> Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 1787915 questions,
>> 497334
>> cache entries, 86066 negative entries, 11% cache hits
>>
>> Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: throttle map: 6856,
>> ns
>> speeds: 29645
>>
>> Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: outpacket/query
>> ratio 49%, 11% throttled, 0 no-delegation drops
>>
>> Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 211 outgoing tcp
>> connections, 1 queries running, 50712 outgoing timeouts
>>
>> Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 322566 packet cache
>> entries, 61% packet cache hits
>>
>> Nov 10 15:42:52 ns01 pdns_recursor[15237]: stats: 926 qps (average
>> over 1930
>> seconds)
>>
>>
>>
>> Config:
>>
>>
>>
>> I have one master server which replicates db to the four slave server.
>>
>>
>>
>> # cat recursor.conf
>>
>> ..
>>
>> hint-file=/etc/pdns/named.root
>>
>> allow-from=127.0.0.0/8
>>
>> local-address=127.0.0.1
>>
>> local-port=5353
>>
>> version-string=Bind Recursor
>>
>> ..
>>
>>
>>
>> # cat /etc/pdns/pdns.conf
>>
>> ..
>>
>> launch=gmysql
>>
>> gmysql-host=127.0.0.1
>>
>> gmysql-port=3306
>>
>> gmysql-user=p_owerdns
>>
>> gmysql-password=verysecretpassword
>>
>> gmysql-dbname=p_ owerdns
>>
>> gmysql-dnssec="yes"
>>
>>
>>
>> #allow to customers
>>
>> allow-recursion=127.0.0.1/8, 172.16.0.0/16, 10.0.0.0/8,
>> xxx.xxx.xxx.xxx/16
>>
>>
>>
>> #master
>>
>> #allow-axfr-ips=172.16.6.30
>>
>>
>>
>> local-address=0.0.0.0
>>
>> local-port=53
>>
>>
>>
>> control-console=no
>>
>>
>>
>> query-cache-ttl=18600
>>
>> cache-ttl=18600
>>
>> default-ttl=7200
>>
>> soa-expire-default=18600
>>
>> soa-minimum-ttl=3600
>>
>> soa-refresh-default=10800
>>
>> soa-retry-default=3600
>>
>>
>>
>> daemon=yes
>>
>>
>>
>> default-soa-name=ns.master.mydomain.net
>>
>>
>>
>> distributor-threads=18
>>
>>
>>
>> guardian=yes
>>
>>
>>
>> #lazy-recursion=yes
>>
>>
>>
>> master=no
>>
>> slave=yes
>>
>> slave-cycle-interval=600
>>
>>
>>
>> max-tcp-connections=100
>>
>> max-queue-length=50000
>>
>>
>>
>> recursor=127.0.0.1:5353
>>
>>
>>
>> out-of-zone-additional-processing=yes
>>
>>
>>
>> webserver=yes
>>
>> webserver-address=172.16.6.34
>>
>> webserver-password=adminadminadmin
>>
>> webserver-port=8081
>>
>> webserver-print-arguments=yes
>>
>>
>>
>> #loglevel=9
>>
>> #log-dns-details=yes
>>
>> #log-dns-queries=yes
>>
>> #query-logging=yes
>>
>>
>>
>> version-string=Bind Resolver
>>
>> ..
>>
>> _______________________________________________
>> Pdns-users mailing list
>> Pdns-users at mailman.powerdns.com
>> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
More information about the Pdns-users
mailing list