Forum Discussion

Jeremiah_47575
Feb 14, 2010

Recommended idle timeout setting for DNS (UDP)?

I have two sets of LTM 3400s hosting my primary and secondary DNS VIPs with a pool of DNS servers behind each respective VIP. The VIPs are set up for Performance (Layer 4) and I'm using a custom 'fastL4-dns' profile to manage the "Idle Timeout" setting. My question is whether there is a recommended setting. A legacy config had this set to 24 hours, leaving me with over a million idle/active connections while my backnet DNS servers were only processing a few hundred at a time (max). I've since dropped this down to default (300s) and then further to 120s, each time seeing a dramatic decrease in active connections and tmm resources. Upon lowering it to 10s, I began seeing zone xfer issues due to the size of our zone files and a conn reset being received when it took longer than 10s to send. For now, I've set it back to 120s and am seeing ~10000 connections per DNS node, which isn't realistic.



What are suggested settings that have worked well for others?



Is there a way to 'fix' it so that these idle connections don't stick around?







11 Replies

  • For reference, you could also look at the stateless virtual server:



    SOL13675 - Overview of the stateless virtual server



