Question TCP client quota reached: quota reached

[SalvadorS]

Hello everybody,

Why I see this line in my /var/log/daemon.log file?


May 27 09:11:15 xx named[25053]: client @0x7f59082e2730: TCP client quota reached: quota reached


May 27 09:11:15 xx named[25053]: client @0x7f5908212180: TCP client quota reached: quota reached


May 27 09:11:15 xx named[25053]: client @0x7f5908275c30: TCP client quota reached: quota reached


May 27 09:11:15 xx named[25053]: client @0x7f5910659870: TCP client quota reached: quota reached


May 27 09:11:16 xx named[25053]: client @0x7f591074b940: TCP client quota reached: quota reached


May 27 09:11:16 xx named[25053]: client @0x7f5910821270: TCP client quota reached: quota reached


May 27 09:11:16 xx named[25053]: client @0x7f590809fe60: TCP client quota reached: quota reached


May 27 09:11:16 xx named[25053]: client @0x7f59080210e0: TCP client quota reached: quota reached


May 27 09:11:16 xx named[25053]: client @0x7f5908158ff0: TCP client quota reached: quota reached

Thanks

 

[IgorG]

This message is most likely due to the number of client's TCP connections is currently established to the named process is greater than the maximum clients TCP connections that are allowed:

# rndc status
version: 9.9.5-9+deb8u18-Debian (none) <id:f9b8a50e>
recursive clients: 0/0/1000
tcp clients: 124/100
server is up and running

By the above, I suggest to increase the number of "tcp-clients" and "recursive-clients", adding the following parameters:

recursive-clients 2000;
tcp-clients 200;

In the file "etc/named.conf"

# rndc status
version: 9.9.5-9+deb8u18-Debian (none) <id:f9b8a50e>
recursive clients: 0/1900/2000
tcp clients: 124/200
server is up and running

I hope it will help.

 

[SalvadorS]

Dear Igor,

First of all thank you for your support as always. I added these two lines to etc/named.conf file like that:

// -- PLEASE ADD YOUR CUSTOM DIRECTIVES BELOW THIS LINE. --
// ...
recursive-clients 2000;
tcp-clients 200;
// -- END OF YOUR CUSTOM DIRECTIVES. --

But still

recursive clients: 0/0/1000

tcp clients: 100/100

Do I have to restart something?

 

[IgorG]

Yes, named service must be restarted after these changes.

 

[SalvadorS]

Thank again Igor,

How can I reload named in a debian box?

root@xx:/var/named/run-root/etc# service named restart


Failed to restart named.service: Unit named.service not found.

 

[IgorG]

If I'm not mistaken, on Debian, it should be like:

# service bind9 restart

 

[SalvadorS]

After addidng that two lines I received this error:

root@xx:/var/named/run-root/etc# rndc status

WARNING: key file (/etc/bind/rndc.key) exists, but using default configuration file (/etc/bind/rndc.conf)

rndc: connect failed: 127.0.0.1#953: connection refused

So I have to delete them just in case... I don´t know if I added the lines in the correct place...

 

[IgorG]

What is the output of the following command:

# cat /etc/default/bind9

?

 

[SalvadorS]

root@xxx:/var/named/run-root/etc# cat /etc/default/bind9

OPTIONS="-f -t /var/named/run-root -c /etc/named.conf -u bind -n 2"

 

[SalvadorS]

Hello,

It is possible to add that two lines but in this section:

// -- THE FOLLOWING LINES WERE GENERATED BY PLESK. IF YOU MODIFY THEM, THEY WILL BE OVERWRITTEN WHEN THESE SETTINGS ARE MANAGED IN PLESK UI. --


options {

And the add the lines. But everytime the file is modified by plesk I think the lines will disappear. Any ideas?