Date: Sun, 17 May 1998 21:51:01 -0400 (EDT) From: Andrew Webster <andrew@guardian.fortress.org> To: MP <mlistbsd@icorp.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: too many open files problem Message-ID: <Pine.BSF.3.96.980517214735.8837D-100000@guardian.fortress.org> In-Reply-To: <3.0.1.32.19980517145521.0069e5b4@icorp.net>
next in thread | previous in thread | raw e-mail | index | archive | help
You want to only bind your nameserver to your primary IP address.
Using bind 8.x you can use the statement
listen-on { a.b.c.d, e.f.g.h } in the options section. This will limit
the addresses to which you will respond, but typically you'll only want a
couple of these anyway.
For bind 4.9.x I don't have an answer.
On Sun, 17 May 1998, MP wrote:
>
> Greetings,
>
> I'm running into a problem with FreeBSD 2.2.6.
>
> I have two Class C's on my network and recently a hacker tunnelled into the
> backbone and masqueraded under an unused IP in my subnet to do spamming.
> As a result, I opted to bind all my IP addresses - used or not, to one of
> my servers. So I have about 400 or so IPs bound. When I boot FBSD 2.2.6,
> everything works, but if I -HUP the nameserver, I get this in the messages
> log:
>
> May 17 14:29:37 mysys named[1266]: starting. named 4.9.6-REL Wed Mar 25
> 00:29:
> 44 GMT 1998 jkh@time.cdrom.com:/usr/obj/usr/src/usr.sbin/named
> May 17 14:29:37 mysys named[1266]: fcntl(dfd, F_DUPFD, 20): Too many open
> files
> May 17 14:29:37 mysys last message repeated 15 times
>
> The hard limit on open files is set at 360 - this may be inadequate since I
> may have up to 512 domains mapped to my server. I assume there is a
> relationship between these two concepts.
>
> In scanning the archives on FreeBSD.org, none of the solutions worked for
> me (regarding setting ulimit ...) - and I didn't try anything regarding
> compiling the kernel - I'm using the generic compilation right now.
>
> What are my options? Do I need to tune the kernel to solve this problem?
>
> If so, would someone be so kind as to walk me through this process?
> Initial examinations showed a value OPEN_MAX, but it simply referenced some
> header file that I could not find on the system - I haven't done enough
> research yet to figure out what to do.
>
> Any help would be GREATLY appreciated - please direct e-mail to: mp@icorp.net
>
> Thanks very much!!
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
Andrew Webster andrew@pubnix.net
Key fingerprint = CF E8 16 B8 A6 DB E3 C9 83 E7 96 24 25 58 15 6E
PubNIX Montreal Connected to the world Branche au monde
P.O. Box 147 Cote Saint Luc, Quebec H4V 2Y3
tel 514.990.5911 http://www.pubnix.net fax 514.990.9443
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980517214735.8837D-100000>