[Pdns-users] Servfail spikes on PowerDNS authoritive
Roman Steinhart
roman at aternos.org
Mon Nov 2 13:41:18 UTC 2020
Hi guys,
We're running two PowerDNS authoritative instances v4.3.0/4.3.1 (upgraded
today) with a self-written remote backend.
>From time to time we see small, 1-2 minute long spikes of servfail
responses.
In these timeframes one-third of all responses sent by PowerDNS are
servfail responses, the other two-thirds are successful.
https://img.steinh.art/1e7J10Qu.png
- These spikes typically occur two or three times a day, at different times
the day on both DNS servers.
- There is no relation to the type of DNS records being queried. It affects
any type e.g. A, AAAA, SRV, etc. I don't how much PDNS relies on the remote
backend in online signing mode, but the problem also occurs with DS records.
- It's not related to the query name. I can query a name with the same name
as 10 minutes later and it's working fine.
- There are no spikes in other server metrics like CPU, memory, etc.
Luckily PowerDNS is logging why these servfails occur:
> Exception building answer packet for britishgerbil.aternos.me/DS (Attempt
> to print an unset dnsname) sending out servfail
But unfortunately, I don't have any clue what this means.
I also checked our remote backend of course and everything looks fine there.
I don't know if my assumption is correct, but the fact that DS records are
generated by PDNS (in online signing mode) and are affected too I would say
that it's not related to the remote backend?
Maybe someone of you has a hot hint for me or can explain what that error
message tries to tell me :)
Thanks in advance.
~ Roman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20201102/a0e747be/attachment.htm>
More information about the Pdns-users
mailing list