Path: csiph.com!newsfeed.xs4all.nl!newsfeed9.news.xs4all.nl!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail From: Greg Rivers Newsgroups: comp.protocols.dns.bind Subject: Re: Bind suddenly starts responding clients with servfail Date: Thu, 07 May 2020 21:03:53 -0500 Lines: 30 Approved: bind-users@lists.isc.org Message-ID: References: <4014419.dAo2udNiHL@no.place.like.home> NNTP-Posting-Host: lists.isc.org Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Trace: usenet.stanford.edu 1588903450 10485 149.20.1.60 (8 May 2020 02:04:10 GMT) X-Complaints-To: action@cs.stanford.edu Cc: bind-users@lists.isc.org To: =?ISO-8859-1?Q?S=F8ren?= Andersen Return-Path: X-Original-To: bind-users@lists.isc.org Delivered-To: bind-users@lists.isc.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tharned.org; s=2017; t=1588903439; bh=UAnBFjO51Z203rK3FlCBZdfYKNjFExy/UDl7ZdWj7ok=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=n5UK1r+8kUSbX9kdeLA1r8stahINcY2lJwN9XWx14l7brjBoXeCIJhRBIxRu5COeD 2bdXwkFnZ7HXJeHEO0A7W//lJgtTsycZTAfnFcRXiy+Kf5khj72xYuOacYV3Rj5HuO nVMBHIS1i4k7x/bj2fg5K7QMRKPMtw1lYFlc72v4YDP9nnleYX12GKCd5/xxOwgBKE BNBihlQ6fkZ3ifcjKcy6F3Q/KbEm+RUqHoHUrI8JTNSs8Bk+2km3e41Lla2BXSfyHN MUdU3uCLLdCOazJfQvEHXEn7hw23FNPJE0th65Ariv2NzummFoJASmKkZq6AfsTo7u 2f/uXg5S3t4Vg== X-Authentication-Warning: roadkill.tharned.org: Host [IPv6:2001:470:1f11:107f:cdc0:860e:e744:41fb] claimed to be flake.tharned.org In-Reply-To: X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (roadkill.tharned.org [IPv6:2001:470:1f10:107f:0:0:0:2]); Thu, 07 May 2020 21:03:59 -0500 (CDT) X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_NONE autolearn=disabled version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mx.pao1.isc.org X-BeenThere: bind-users@lists.isc.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: BIND Users Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Mailman-Original-Message-ID: <4014419.dAo2udNiHL@no.place.like.home> X-Mailman-Original-References: Xref: csiph.com comp.protocols.dns.bind:15741 On Monday, 27 April 2020 03:59:39 CDT S=F8ren Andersen wrote: > I'm running a few BIND servers, but lately one of my servers suddenly sta= rts > responding to clients with servfail for every request from the clients, a= nd > BIND doesn't respond to the rndc or statistics interface anymore. >=20 > My logs for client-channel show me this: > 25-Apr-2020 21:52:04.501 client @XX XX.37#2921 (google.dk): no more > recursive clients (1000/900/1000): quota reached >=20 > I've removed all the dns traffic from the server, and the quota is still > reached after 6+ hours? >=20 > Do you guys have some clue what all this is about? - Or any suggestions > where to look for any further information? >=20 > I'm running BIND 9.16.1 on CentOS 7: > I've had the very same thing happen twice in the past two weeks on differen= t production recursive servers running BIND 9.16.2 on FreeBSD. I've opened = a ticket with ISC, and they are looking into it. Can you share any addition= al information that might aid troubleshooting? If anyone else experiences this, please report it. =2D-=20 Greg