Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: p-jones on April 22, 2006, 12:59:48 AM

Title: DNSCache and V7RC1
Post by: p-jones on April 22, 2006, 12:59:48 AM

I have developed an issue which I am unable to identify or resolve. Mu V7 server is working its butt off and running top show the DNSCache is consuming about 70% or resources and the logger, another 20% (on a 2.8GHz P4).

The DNSCache log is full of the following

@40000000444961760fe77ad4 query 5818386 c0a8020f:c29d:1d08 12 25.2.168.192.in-addr.arpa.
@40000000444961760fe8038c tx 0 12 25.2.168.192.in-addr.arpa. 2.168.192.in-addr.arpa. c0a8020f
@40000000444961760fe991fc drop 5818187 timed out

The IP relates to a wkstn on the network. When I change the IP of that workstation, reconfigure and reboot SME the log entry remains the same, just the offending IP changes. The WKSTN is a fairly standard XPPro box. and there is nothing obvious going on with it which is amiss.

If I can understand what this log entry is REALLY telling me, maybe I can go further to resolving the problem. My take on it is that the wkstn is sending a DNS request to SME and that SME is timing out before it has answered that request. I can find nothing on the wkstn that should block that request. Firewalling services on the wkstn are turned off.

All/Any comments welcome please.
Thanks
Peter

Title: DNSCache and V7RC1
Post by: CharlieBrady on April 22, 2006, 06:36:12 PM

/service/dnscache/dnscache-log.pl is provided to help you interpret the dnscache logs if you need to.

tai64nlocal < /var/log/dnscache/current |
/service/dnscache/dnscache-log.pl

will show you the logs in a more human readable fashion.

You haven't shown enough of the logs to interpret. What you have shown us is:

04-21 18:49:16 query 5818386 192.168.2.15:49821:7432 ptr 25.2.168.192.in-addr.arpa.
04-21 18:49:16 tx 0 ptr 25.2.168.192.in-addr.arpa. 2.168.192.in-addr.arpa. 192.168.2.15
04-21 18:49:16 drop 5818187 timed out

This shows a reverse DNS lookup for 192.168.2.15, but doesn't show us what the query was which timed out (query 5818187).

Title: DNSCache and V7RC1
Post by: CharlieBrady on April 22, 2006, 06:38:24 PM

Quote from: "CharlieBrady"

04-21 18:49:16 tx 0 ptr 25.2.168.192.in-addr.arpa. 2.168.192.in-addr.arpa. 192.168.2.15

Hmmm, that entry looks wrong. Reverse queries for the local net should be sent to 127.0.0.1, not 192.168.2.15. Please post to the Bug Tracker and we'll drill deeper there.

Title: DNSCache and V7RC1
Post by: p-jones on April 23, 2006, 01:02:31 PM

Charlie

"You haven't shown enough of the logs to interpret. What you have shown us is: "

This sequence just keeps repeating itself - pages of it....like its in an endless loop. The only way to stop it at present is to stop and restart the DNSCache. It will be fine for a while. Not sure what is triggering it - I know opening wenmail via the browser will get it going again but there are other factors which I havent identified yet. I suspect any DNS look that is not already cached but I need to find a bit more time to follow up on your previous suggestions and try and quantify it better (and put it in the bug tracker).

Peter

Title: DNSCache and V7RC1
Post by: CharlieBrady on April 23, 2006, 05:31:44 PM

Quote from: "p-jones"

I need to find a bit more time to follow up on your previous suggestions and try and quantify it better (and put it in the bug tracker).

Please put it in the bug tracker ASAP - and before you quantify it better. Please attach the output of "db networks show" when you do so.