Hi Thomas,
On Tue, Dec 4, 2012 at 6:18 AM, Thomas Manninger <DBGTMaster at gmx.at>
wrote:
>
> -------- Original-Nachricht --------
> > Datum: Fri, 23 Nov 2012 14:32:31 -0800
> > Von: Matthieu Patou <mat at samba.org>
> > An: samba at lists.samba.org
> > Betreff: Re: [Samba] samba4 binddlz performance
>
> > On 11/19/2012 07:11 AM, Thomas Manninger wrote:
> > > Hello,
> > >
> > > i am using samba4rc2.
> > >
> > > I have problems with the bind9 dlz module, i get very long
response
> > times from interal queries.
> > >
> > > root at s-srv01:~# dig s-srv04.test.local @192.168.0.4
> > >
> > > ; <<>> DiG 9.8.0-P4 <<>>
s-srv04.test.local @192.168.0.4
> > > ;; global options: +cmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
64478
> > > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2,
ADDITIONAL: 1
> > >
> > > ;; QUESTION SECTION:
> > > ;s-srv04.test.local. IN A
> > >
> > > ;; ANSWER SECTION:
> > > s-srv04.test.local. 900 IN A 192.168.0.4
> > >
> > > ;; AUTHORITY SECTION:
> > > test.local. 900 IN NS s-srv01.test.local.
> > > test.local. 900 IN NS s-srv04.test.local.
> > >
> > > ;; ADDITIONAL SECTION:
> > > s-srv01.test.local. 900 IN A 192.168.0.1
> > >
> > > ;; Query time: 1239 msec
> > > ;; SERVER: 192.168.0.4#53(192.168.0.4)
> > > ;; WHEN: Mon Nov 19 16:07:59 2012
> > > ;; MSG SIZE rcvd: 108
> > .local is normally used for mdns (see.
> > http://en.wikipedia.org/wiki/MDNS#Host_Discovery), can you try with
> > another kind of tld (ie. use domain test.corp).
> > > external queries are a little bit faster:
> > >
> > > root at s-srv01:~# dig google.com @192.168.0.4
> > >
> > > ; <<>> DiG 9.8.0-P4 <<>> google.com
@192.168.0.4
> > > ;; global options: +cmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
56403
> > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13,
ADDITIONAL: 6
> > >
> > > ;; QUESTION SECTION:
> > > ;google.com. IN A
> > >
> > > ;; ANSWER SECTION:
> > > google.com. 300 IN A 173.194.35.135
> > > google.com. 300 IN A 173.194.35.136
> > > google.com. 300 IN A 173.194.35.137
> > > google.com. 300 IN A 173.194.35.142
> > > google.com. 300 IN A 173.194.35.128
> > > google.com. 300 IN A 173.194.35.129
> > > google.com. 300 IN A 173.194.35.130
> > > google.com. 300 IN A 173.194.35.131
> > > google.com. 300 IN A 173.194.35.132
> > > google.com. 300 IN A 173.194.35.133
> > > google.com. 300 IN A 173.194.35.134
> > >
> > > ;; AUTHORITY SECTION:
> > > . 45846 IN NS
a.root-servers.net.
> > > . 45846 IN NS
c.root-servers.net.
> > > . 45846 IN NS
b.root-servers.net.
> > > . 45846 IN NS
g.root-servers.net.
> > > . 45846 IN NS
f.root-servers.net.
> > > . 45846 IN NS
j.root-servers.net.
> > > . 45846 IN NS
e.root-servers.net.
> > > . 45846 IN NS
i.root-servers.net.
> > > . 45846 IN NS
l.root-servers.net.
> > > . 45846 IN NS
k.root-servers.net.
> > > . 45846 IN NS
h.root-servers.net.
> > > . 45846 IN NS
d.root-servers.net.
> > > . 45846 IN NS
m.root-servers.net.
> > >
> > > ;; ADDITIONAL SECTION:
> > > a.root-servers.net. 45846 IN A 198.41.0.4
> > > b.root-servers.net. 45846 IN A 192.228.79.201
> > > c.root-servers.net. 45846 IN A 192.33.4.12
> > > d.root-servers.net. 45846 IN A 128.8.10.90
> > > e.root-servers.net. 45846 IN A 192.203.230.10
> > > f.root-servers.net. 45846 IN A 192.5.5.241
> > >
> > > ;; Query time: 281 msec
> > > ;; SERVER: 192.168.0.4#53(192.168.0.4)
> > > ;; WHEN: Mon Nov 19 16:09:06 2012
> > > ;; MSG SIZE rcvd: 511
> > >
> > >
> > > When i change to the samba4 internal dns server, i get response
time
> > about ~1-2ms.
> > >
> > > But why is the bind dlz modul so slooow..?
> > you can use kcachegrind to trace bind in foreground mode in order to
see
> > where the time is spent.
> >
> > Matthieu.
> >
> > --
> > Matthieu Patou
> > Samba Team
> > http://samba.org
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
> Startup time of bind is also very slow:
>
> Dec 3 20:10:06 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:10 srv named[20349]: samba_dlz: configured writeable zone
> '110.168.192.in-addr.arpa'
> Dec 3 20:10:10 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:14 srv named[20349]: samba_dlz: configured writeable zone
> '111.168.192.in-addr.arpa'
> Dec 3 20:10:14 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:18 srv named[20349]: samba_dlz: configured writeable zone
> '112.168.192.in-addr.arpa'
> Dec 3 20:10:18 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:22 srv named[20349]: samba_dlz: configured writeable zone
> '113.168.192.in-addr.arpa'
> Dec 3 20:10:22 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:26 srv named[20349]: samba_dlz: configured writeable zone
> '114.168.192.in-addr.arpa'
> Dec 3 20:10:26 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:31 srv named[20349]: samba_dlz: configured writeable zone
> '115.168.192.in-addr.arpa'
> Dec 3 20:10:31 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
> Dec 3 20:10:35 srv named[20349]: samba_dlz: configured writeable zone
> '116.168.192.in-addr.arpa'
> Dec 3 20:10:35 srv named[20349]: samba_dlz: trying container
> 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
>
>
> Which ldap filter and base is used, to find a zone or a host entry by a
> query??
> So i can check with ldapsearch, if the result is also so slow.
>
> Thanks!
>
To find all the zones, DLZ uses following query:
ldbsearch -H /var/lib/samba/private/dns/sam.ldb -s sub \
-b 'CN=MicrosoftDNS,CN=System,DC=test,DC=intern'
"objectclass=dnsZone"
And each individual record is searched using following query:
ldbsearch -H /var/lib/samba/private/dns/sam.ldb -s base \
-b
'DC=s-srv04,DC=test.local,CN=MicrosoftDNS,CN=System,DC=test,DC=intern"
"objectclass=dnsNode"
Would it possible to compare the above query with the following query and
report the times?
ldbsearch -H /var/lib/samba/private/dns/sam.ldb -s one \
-b 'DC=test.local,CN=MicrosoftDNS,CN=System,DC=test,DC=intern"
"(&(objectclass=dnsNode)(name=s-srv04))"
Amitay.