[nsd-users] NSD4 goes unresponsive with lots of TCP connection!

[Kabindra Shrestha]

Hi,

We are seeing some large number of TCP connections to our DNS servers (in thousands) and NSD goes unresponsive after certain time and doesn't recover, it stops responding to UDP as well. We tried increasing the number of tcp-counts but it doesn't help.
I noticed the TCP backlog is hardcoded to 256 in NSD config, so even with customised TCP backlogs on the system its still being throttled at around 256. Is there anyway we can change this value without recompiling the NSD.


[kabindra at 05 nsd-4.1.8]$ grep BACKLOG *
config.h.in:#undef TCP_BACKLOG
configure:#define TCP_BACKLOG 256
configure.ac:AC_DEFINE_UNQUOTED([TCP_BACKLOG], [256], [Define to the backlog to be used with listen.])


We are using NSD4.1.8.

( From one of the servers that went unresponsive, we have seen that TCP number closing to 10k. )

#ss -s
Total: 5591 (kernel 5640)
TCP:   5067 (estab 4968, closed 4, orphaned 0, synrecv 0, timewait 3/0), ports 28

Transport Total     IP        IPv6
*	  5640      -         -
RAW	  0         0         0
UDP	  122       63        59
TCP	  5063      5017      46
INET	  5185      5080      105
FRAG	  0         0         0


Thanks.

Regards,
Kabindra Shrestha

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20160405/5ebcbb3d/attachment.bin>