[linux-elitists] DNS speedup

Jim Richardson warlock@eskimo.com
Thu Jan 15 14:45:46 PST 2004


On Thu, Jan 15, 2004 at 01:33:52PM -0800, Jim Richardson wrote:
>On Thu, Jan 15, 2004 at 03:17:45PM -0500, Jon Carnes wrote:
>>You should post your named.conf file and your resolv.conf file
>>
>>On Thu, 2004-01-15 at 14:36, Jim Richardson wrote:
>>>I have a busy server, that is running it's own copy of <spit> BIND9 that
>>>I need to tweak somehow. It's really slow, and doesn't seem to cache
>>>anything. Unfortunately, I can't at the moment replace it with something
>>>like tinydns as it's on one of those integrated make it easy for the
>>>vhosts webpanel setup things. 
>>>
>>>Doing a simple nslookup, results in at least 1.5 seconds of delay,
>>>sometimes, as much as 4 seconds per, which would be ok on an initial
>>>lookup, but I get the same delay if I do the same lookup again, right
>>>after the first one returns. 
>>>
>>>Without spewing my named.conf here, are there any suggestions on where
>>>to look to make sure that some sort of caching is actually going on?
>>>named.conf is a bit obscure to me, so I haven't learned it as well as I
>>>probably should. I have about 30 vhosts on this machine, it gets about
>>>100,000 hits a day, (not counting ad impressions, which go to a
>>>different server)  as you can guess, it's pretty busy and this isn't
>>>helping. Oh, if I drop the load, I don't see any improvement in DNS
>>>query times. 
>>>
>>>Thanks all. 
>>>
>>>
>>
>>
>>
>
>
>Rather than cluttering up the list with the files in question, I have
>placed sanitized copies at 
>
><http://www.eskimo.com/~warlock/computers/nemo_named.conf>
>
>and 
>
><http://www.eskimo.com/~warlock/computers/nemo_resolv.conf
>
>Paranoia drove me to sanitizing them, and I was uneasy with them being
>archived anyway. Don't mind me, I am just checking the fit on my new
>tinfoil hat. 


Further tinkering suggests that it isn't a named.conf or resolv.conf
issue. Running strace -T nslookup host.com presented me with output that
included several Interrupted processes. 

One example. 

--- SIGRT_0 (Real-time signal 0) ---
<... rt_sigsuspend resumed> )           = -1 EINTR (Interrupted system call) <0.716094>
sigreturn() = ? (mask now [HUP INT TERM]) <0.000015>
kill(16426, SIGRT_0) = 0 <0.000064>
rt_sigprocmask(SIG_SETMASK, NULL, [HUP INT TERM 32], 8) = 0 <0.000013>
write(4, " /\"@\0\0\0\0\200\337\377\277\200^\36@\240\232\5\10\3@"..., 148) = 148 <0.000172>
rt_sigprocmask(SIG_SETMASK, NULL, [HUP INT TERM 32], 8) = 0 <0.000012>
rt_sigsuspend([HUP INT TERM] <unfinished ...>


There are several of these in a row. Not exactly sure what they mean, except
something has barfed, and it soaks up most of the time being lost. 


This is on a more or less (except for BIND, apache and MySQL) stock and uptdate
RH7.2 (yes, we have to do something about that now) system with the 
latest RH 2.4.20 backported kernel for the mremap and do_brk vulnerabilities. 





-- 
Jim Richardson     http://www.eskimo.com/~warlock
Ambition is a poor excuse for not having sense enough to be lazy.
		-- Charlie McCarthy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20040115/49f61688/attachment.pgp 


More information about the linux-elitists mailing list