When the Server crash :(
 

Hello everybody
here is what has happened to me :
i set a NAT server(iptables) , which i added a DNS(bind9) server with a PROXY(squid2.4stable6) server . the NAT , Transparent Proxy , and the DNS server was working proprely without any problemes .......BUT !

after a connexion of 17 clients , ( which use this proxy as default gw and name server ) the system crash every 10 ~ 20 min whith :
the DNS stop resolving Names .
while trying to restart it is freezes on message : Restarting Name Server .
when trying to use an other name server the sstem doenst work also ( => SQUID crashs also )
i thaught about an overload of my server , but after getting a look on free -m , vmstat , top .... i found that my resources has always something free , anytime , and with any number of requests per second !

please if someone can have an idea about this just tell me
thax

Where the problems started? Is it possible that after a power failure or something similar that may have caused filesystem errors? have you tried fsck on the partitions you have the executables and configuration files?

Sounds like bad RAM to me. Have you tried swapping RAM modules? It could also be overheating. The problem with named now is probably due to the crashes. You most likely have lost clusters on /var and named is an application that loads data from /var. Try running fsck.

> Oct 13 14:29:40 LNXDNS01 named[14091]: client 206.27.2.x#51666: no more
TCP clients: quota reached
this is after fixing a (;) missed in named.conf which caused the crash of named , my ram is OK , and i've all my HDD clusters ok also , it's just that sometimes the server became a quite slow to reply clients queries , and SQUID crash often , with a message let in the logs which says that the disk space quota is exeeded , even if i set Cache_dir to 17000 (17Gb) and actualy i have only 1GB used !
realy i can't understand what's happening !

I don't think the disk quota is reached, I think the connection limit is reached. Why is everything using TCP to query named? Normal queries use UDP unless the response is unusually large (in which case they reissue the query using TCP).

I think you have a problem with a large number of TCP connections being opened and never closed again. What does the output of
$ netstat -anA inet |grep -v udp |grep -v LISTEN
when you're at high load?

*note the above syntax for netstat might not work on Linux; I've converted it from OpenBSD. I know that the Linux equiv. to -f inet is -A inet, but I don't recall if udp is prefixed with udp, UDP, etc...