no more recursive clients

Taking care of your Linux box.
JazzyB
Lance Naik
Posts: 22
Joined: Mon Nov 12, 2007 10:59 am

no more recursive clients

Post by JazzyB »

Dear All

I am having a problem with the named service on my squid box. The following is the error message.

"Named [924]: client ip#1046: no more recursive clients: quota reached"

Kindly help me to resolve the issue.

Thanks


:lol:
mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore

Post by mejam »

By default, BIND allows 1000 concurrent recursive clients. If you exceed this limit, you will see syslog messages similar to the one that you have posted.

To increase the number of concurrent recursive clients, use the recursive-clients option in the global server configuration options.

Example:

options {
...
recursive-clients 10000;

};

Increase this value to 2000 or some higher value....
Regards
Abdulrehman
JazzyB
Lance Naik
Posts: 22
Joined: Mon Nov 12, 2007 10:59 am

tell me file

Post by JazzyB »

Dear Abdulrehman

Kindly tell me the file in which I will change the value. If I change the value to 3000, what are the possible disadvantages of that?
mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore

Post by mejam »

named.conf is known as the global configuration file. Most of the time it is located at /etc/named.conf; check it in there. By default the option is 1000 and it's more than enough. Check your DNS to see whether all the connections are valid or not; otherwise increasing the value will not create troubles for you.
Regards
Abdulrehman
JazzyB
Lance Naik
Posts: 22
Joined: Mon Nov 12, 2007 10:59 am

named.conf file

Post by JazzyB »

Dear

Following is the named file; there is no line in which I reset the value. Kindly advise me.


// generated by named-bootconf.pl

options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

include "/etc/rndc.key";
mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore

Post by mejam »

Is this zone file working for you?
Which distro are you using?
How did you install BIND, from source or from a repository?
Which version of BIND are you using?
Regards
Abdulrehman
JazzyB
Lance Naik
Posts: 22
Joined: Mon Nov 12, 2007 10:59 am

Bind Version is: "BIND 9.2.1"

Post by JazzyB »

Dear Abdul rehman

I am using redhat 9 and this file exists in /etc/named.conf. Well, this OS has been installed and in use for more than 2 years; I don't know much more about where that person installed BIND from.

Bind Version is: "BIND 9.2.1"

I can reinstall that on the production machine and can implement it in a real scenario.
mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore

Post by mejam »

I have edited your named.conf. Create a backup of your current file, then replace it with my conf file and clear all previous logs. Then start named, and then try to resolve your local nameserver.

============================================
// generated by named-bootconf.pl

options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;

allow-recursion {YOUR Network IP/subnet;};
};

//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

include "/etc/rndc.key";

=============================================
Regards
Abdulrehman
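
Added example, not part of any post in this thread: a Python sketch that tallies the quota message quoted in the first post by client address and separates clients inside the network intended for allow-recursion from all others. The log lines, the 192.168.1.0/24 network and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# The message quoted in the thread, with a real address where it shows "ip".
QUOTA_RE = re.compile(
    r"named\s*\[\d+\]: client (?P<ip>[0-9a-fA-F.:]+)#\d+: "
    r"no more recursive clients: quota reached",
    re.IGNORECASE,
)

# Constructed sample syslog lines (private and documentation addresses only).
SAMPLE_LOG = [
    "Nov 12 10:01:02 proxy named[924]: client 192.168.1.20#1046: no more recursive clients: quota reached",
    "Nov 12 10:01:02 proxy named[924]: client 203.0.113.7#53211: no more recursive clients: quota reached",
    "Nov 12 10:01:03 proxy named[924]: client 203.0.113.7#53212: no more recursive clients: quota reached",
    "Nov 12 10:01:03 proxy named[924]: client 198.51.100.9#4000: no more recursive clients: quota reached",
    "Nov 12 10:01:04 proxy named[924]: client 192.168.1.20#1047: query: example.com IN A",
    "Nov 12 10:01:05 proxy squid[811]: unrelated line",
]

def quota_hits(lines, allowed_nets):
    """Count quota-reached messages per client, split by whether the client
    is inside the networks that allow-recursion is meant to cover."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    inside, outside = Counter(), Counter()
    for line in lines:
        m = QUOTA_RE.search(line)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # malformed address field, skip the line
        bucket = inside if any(addr in n for n in nets) else outside
        bucket[str(addr)] += 1
    return inside, outside

def needs_recursion_acl(outside):
    """True when clients outside the intended networks appear in quota messages."""
    return sum(outside.values()) > 0

if __name__ == "__main__":
    inside, outside = quota_hits(SAMPLE_LOG, ["192.168.1.0/24"])
    print("inside :", dict(inside))
    print("outside:", outside.most_common())
    print("restrict recursion:", needs_recursion_acl(outside))
```

If most hits come from outside the intended network, raising recursive-clients only hides the load; restricting recursion with allow-recursion addresses it.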
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore

Post by lambda »

Under normal circumstances, there is no way you'd hit that 1,000 limit.
"I am using redhat 9"
Do you want people to break into your server?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore

Post by mejam »

You are right, lambda.
Regards
Abdulrehman
x2oxen
Major General
Posts: 1114
Joined: Wed Aug 22, 2007 3:17 pm
Location: Faisalabad

Post by x2oxen »

Why are you still living in ancient ages? Use something new!
Muhammad Usman
+92-321-6640501
Chemonics International
http://usmanpk.com
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Post by LinuxFreaK »

Dear x2oxen,
Salam,
x2oxen wrote: Why are you still living in ancient ages? Use something new!
You should give him some examples.

Best Regards.
Farrukh Ahmed