hello guys, this is my first time here as a registered user. first of all, i wanna say sorry about my english, i talk spanish. i come with a big problem.. the thing is: i buy a vps from volumedrive at http://volumedrive.com/vdrive/?a=vps is the package 2. i follow this tutorial http://www.howtoforge.com/perfect-server-debian-wheezy-apache2-bind-dovecot-ispconfig-3 and everything goes well. two days ago volumedrive suspend this vps because process named was causing high resource usage. after a long day they give me a new vps because the old one was "rare". none of us was able to make an os-reload in this vps didn't know why... anyway i ask volumedrive about resource limitations and they told me this: If the VPS causes such an issue that other VPS on the node are affected we cannot wait for a response from you. The load average limit is 5. Anything above that it gets suspended. You need to monitor your own VPS. two things: 1°, what means 5 and how to monitor this? and 2°, what can i do whit bind to decrease resource usage? i have read this articles and seems to work for these users: https://bugzilla.redhat.com/show_bug.cgi?id=709205#c29 http://stackoverflow.com/questions/13059014/bind-named-service-high-cpu-load can you guys tell me some "solution" for this? if i use mydns instead bind i will se same error ¿? i was a w2k user sense 1° time, but now in linux im in troubles thanks in advance. pd: one of the first support ticket i send when vps was suspended they answered this: your VPS was suspended for causing the node to spike to a 17 load average. process causing it: [root@vps8 ~]# vzpid 623402 Pid CTID Name 623402 373 named
Check if recusrion is disabled in bind: http://askubuntu.com/questions/170728/how-to-disable-external-dns-recursion If its not disabled, then disable it now and restart bind.
wow! it's the first time someone in a forum respond me that fast! thanks! i will update this post after i check your solution. in a few words it's recomended turn off recursion right?
Yes. Otherwise your server might be misused for dns based dos attacks which might explain the high dns usage.
ok, if i put: allow-transfer {“none”;}; allow-recursion {“none”;}; recursion no; in resolv.conf.options bind doesn't start. and openresolver.com shows: Recursive resolver is not detected on xxx.xxx.xxx.xxx with or without modifications in resolv.conf.options so, in this case openresolver seems to not work. if i put just: recursion no; bind start ok. my scenario is: debian wheeze x64 the perfect server with ispconfig3 all apdated & upgraded. 3 sites in the server working ok.
