It is difficult to understand how BIND manages the memory it occupies on your server. Most problems on DNS forwarders are memory related: usage grows enormously, and if you try to limit it you might end up with a DNS server that drops some connections.
So if you run a BIND9 server (especially a forwarder), you can dump the query cache into a file and look at the size of that file. That gives you a tentative figure for the memory usage of your BIND9 server.
To dump the query cache, run:
rndc dumpdb
A real-world example. Always include “-all” to be sure the whole cache is dumped to the file!
root@srv1 # rndc dumpdb -all
root@srv1 # ls -altr /var/bind/
total 141596
drwxrwxr-x 2 bind bind      4096 Jan 25 00:56 pri
drwxrwxr-x 2 bind bind      4096 Jan 25 00:56 dyn
-rw-rwxr-- 1 bind bind      3289 Jan 25 00:58 root.cache
drwxr-xr-x 5 bind bind      4096 Feb 13 05:15 ..
drwxrwxr-x 2 bind bind     12288 May  7 10:00 sec
drwxrwxr-x 5 bind bind      4096 May  8 03:52 .
-rw-r--r-- 1 bind bind 144810299 May  8 03:56 named_dump.db
As you can see, our dump file is around 139 Mbytes in size, so you can expect at least 140 Mbytes of memory to be used for the BIND9 query cache. On your own server you can track the footprint of the named process alongside the size of the dump file.
Here is what you can find in the named_dump.db file:
; Zone dump of '10.10.10.in-addr.arpa/IN/america'
;
10.10.10.in-addr.arpa. 86400 IN SOA ns1.exa-ns5.com. wdns.exa-ns5.com. 2065407385 60 30 2419200 30
10.10.10.in-addr.arpa. 1800 IN NS ns1.exa-ns5.com.
10.10.10.in-addr.arpa. 1800 IN NS ns2.exa-ns5.com.
10.10.10.in-addr.arpa. 1800 IN NS ns4.exa-ns5.com.
10.10.10.in-addr.arpa. 1800 IN NS ns5.exa-ns5.com.
1.10.10.10.in-addr.arpa. 86400 IN PTR 1.example.com.
2.10.10.10.in-addr.arpa. 86400 IN PTR 2.example.com.
;
; Zone dump of '10.10.11.in-addr.arpa/IN/america'
;
10.10.11.in-addr.arpa. 86400 IN SOA ns1.exa-ns5.com. wdns.exa-ns5.com. 2065407385 60 30 2419200 30
10.10.11.in-addr.arpa. 1800 IN NS ns1.exa-ns5.com.
10.10.11.in-addr.arpa. 1800 IN NS ns2.exa-ns5.com.
10.10.11.in-addr.arpa. 1800 IN NS ns4.exa-ns5.com.
10.10.11.in-addr.arpa. 1800 IN NS ns5.exa-ns5.com.
18.10.10.11.in-addr.arpa. 86400 IN PTR ns1.exa-ns5.com.
19.10.10.11.in-addr.arpa. 86400 IN PTR ns2.exa-ns5.com.
; Zone dump of 'example.com/IN/america'
;
example.com. 180 IN SOA ns1.exa-ns5.com. support.example.com. 2065407734 60 30 2419200 30
example.com. 1800 IN NS ns1.exa-ns5.com.
example.com. 1800 IN NS ns2.exa-ns5.com.
example.com. 1800 IN NS ns4.exa-ns5.com.
example.com. 1800 IN NS ns5.exa-ns5.com.
example.com. 180 IN MX 1 ASPMX.L.GOOGLE.COM.
example.com. 180 IN MX 5 ALT1.ASPMX.L.GOOGLE.COM.
example.com. 180 IN MX 5 ALT2.ASPMX.L.GOOGLE.COM.
example.com. 180 IN MX 10 ASPMX2.GOOGLEMAIL.COM.
example.com. 180 IN MX 10 ASPMX3.GOOGLEMAIL.COM.
*.210.example.com. 180 IN A 10.10.10.10
*.2107.example.com. 180 IN A 10.10.10.134
*.2109.example.com. 180 IN A 10.10.10.138
*.2115.example.com. 180 IN A 10.10.10.98
*.2117.example.com. 180 IN A 10.10.10.99
*.2119.example.com. 180 IN A 10.10.11.2
*.2131.example.com. 180 IN A 10.10.11.6
*.2246.example.com. 180 IN A 10.11.11.13
*.2260.example.com. 180 IN A 10.11.12.184
*.2271.example.com. 180 IN A 10.11.13.158
*.2298.example.com. 180 IN A 10.11.14.14
*.2292.example.com. 180 IN A 10.10.15.65
*.2296.example.com. 180 IN A 10.10.10.100
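To see which zones or views account for the size of the dump file, you can total the record lines per section. The script below is an added example, not part of the original post; the function names and the sample data are constructed here, and the "Cache dump of view" header is assumed from BIND's dump format because the excerpt above only shows "Zone dump of" headers.

```shell
#!/bin/sh
# Added example, not from the original post: break a named_dump.db down by
# section to see which zones or views account for the size of the file.

# summarize_dump FILE -> "<bytes> <records> <section>" lines, largest first.
# Sections start at the "; Zone dump of '...'" headers shown in the excerpt.
# Assumption: the cache part of a dump uses "; Cache dump of view '...'".
summarize_dump() {
    LC_ALL=C awk '
        /^; (Zone|Cache) dump of / { section = substr($0, 3); next }
        /^[;$]/ || NF == 0 { next }           # comments, $ directives, blanks
        section != "" {
            bytes[section] += length($0) + 1  # +1 for the newline
            recs[section]++
        }
        END {
            for (s in bytes) printf "%d %d %s\n", bytes[s], recs[s], s
        }
    ' "$1" | sort -rn
}

# write_sample FILE: constructed input modelled on the excerpt in the post.
write_sample() {
    cat > "$1" <<'EOF'
; Zone dump of '10.10.10.in-addr.arpa/IN/america'
;
10.10.10.in-addr.arpa. 1800 IN NS ns1.exa-ns5.com.
1.10.10.10.in-addr.arpa. 86400 IN PTR 1.example.com.
;
; Zone dump of 'example.com/IN/america'
;
example.com. 1800 IN NS ns1.exa-ns5.com.
example.com. 180 IN MX 1 ASPMX.L.GOOGLE.COM.
*.210.example.com. 180 IN A 10.10.10.10
EOF
}

# Summarise the file given as $1, or the constructed sample if none is given.
if [ -n "${1:-}" ]; then
    summarize_dump "$1"
else
    tmp=$(mktemp) && write_sample "$tmp" && summarize_dump "$tmp"
    rm -f "$tmp"
fi
```

Pass the path of a real dump (for example /var/bind/named_dump.db from the listing above) as the first argument to get the same breakdown for your server.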
Here is the syntax.
You can restrict the dump to the zones or to a particular view.
dumpdb [-all|-cache|-zones] [view ...]
    Dump cache(s) to the dump file (named_dump.db).