Re: Bell South DSL Problem with 10.0

On Thu, 19 Oct 2006, in the Usenet newsgroup alt.os.linux.suse, in article
<slrnejfire.5bj.wyrd@xxxxxxxxxxxxxxxxx>, Harold Stevens wrote:

I put my folks on BellSouth DSL with SuSE in about 20 minutes or so this
past July, so I can't really help directly. In particular, I don't quite
understand the DNS delay since I didn't see it then, and my folks aren't
complaining about it (AFAIK, right now).

_Could_ be IPv6. If your system is configured for IPv6, it sends a AAAA
query first, waits for that to time out, then sends an A query. If the
ISP's name server is aware of IPv6, it will provide an IPv6 answer (either
the IPv6 address, or a SERVFAIL or NOTIMP response declining IPv6, or an
NXDOMAIN stating that there is no IPv6 address. In the three "no IPv6
answer" cases, the resolver then asks for an A record - taking an extra
second or two. Usual solution is to disable IPv6 if you don't need it,
and/or if your upstream doesn't support it.

The obvious way to prove/disprove this is simply to run tcpdump - perhaps
'/usr/sbin/tcpdump -ni eth0 -s 500 udp' (though perhaps the latter should
be 'udp and port 53' to filter out all the windoze messenger spam) or the
equivalent in your favorite packet sniffer, and see what the packets are
saying. The "conversation" will be in English - if a little cryptic. If
that is the problem, disabling IPv6 lookups has been covered hundreds of
thousands of times - including the current thread here "Internet access
slow in SLED10".

I think the DNS resolution by the typical ISP today is dynamic

If you mean that the ISP is providing DNS addresses via DHCP or the
usepeerdns option in PPP, I'd suggest that's likely. However the ISP is
not likely to be playing Musical IP Addresses with the name servers. At
work, we haven't changed the name server IPs since we started in the
late 1980s. Of the four ISPs I've had, none have changed their name server
IPs while I've been with them - in one case going back to 1993.

As a last resort (making sure you don't have /etc/resolv.conf) try

echo "options timeout:1" > /etc/resolv.conf

<cringe>

The default has been 5 seconds. As long as the name server isn't
b0rken and responds appropriately to an IPv6 query (or if you don't/can't
use IPv6 - have that disabled), timeout has rarely been an issue. I
have seen name servers take longer than one second to respond - quite
often if resolving obscure names.

Old guy
.

Relevant Pages

  • Re: Was beachten bei IPv6 Firewall?
    ... Da ich keine IPv6 Cliens oder Server laufen habe, ... ip6tables -A OUTPUT -j ACCEPT ... Datenkanele solande es noch kein FTP-Helpermodul fuer ipv6 gibt. ...
    (de.comp.os.unix.networking.misc)
  • Re: AD replication not working
    ... though I had an issue awhile back where IPv6 had to be on, for Exchange. ... I then couldn't even get it to join as a member server. ... After seeing this, what I can suggest from previous experience, is to diable IPv6 completely on the 2008 DC, as well as disable RSS on all DCs ... Let's first disable IPv6 on the 2008 DC and restart it. ...
    (microsoft.public.windows.server.active_directory)
  • Re: suddenly lots of named errors(?) in the log
    ... your name server asked some remote name server for an ... the remote name servers returned ... a result code that essentially says "I don't do IPv6". ... FORMERR 1 The name server was unable to interpret the request ...
    (uk.comp.os.linux)
  • Re: Multiple domain name support
    ... on three separate IP addresses on the current mail server. ... It's not trivial -if at all possible- to force sendmail to use ... being forwarded to an IPv4 only host that came in via IPv6. ...
    (comp.mail.sendmail)
  • Re: sendmail problems
    ... I need help to resolve a problem with my sendmail server. ... I use this server to manage mailman lists, ... or are you running IPv6? ...
    (freebsd-questions)