Re: Slow DNS Lookup - Debian



On Thu, 08 Dec 2005 18:46:50 -0800, prg wrote:
> Moe Trin wrote:

>> hosts: files nisplus nis dns
>>
>> and if you don't run NIS or NIS+, you can speed things up slightly by
>> removing reference to them - i.e.
>>
>> hosts: files dns

You can speed it up some more by running "nscd" (also if you _do_ use NIS).

[snip]

>> Third, use tcpdump to see that you are using responsive name servers.
>> You may want to reorder the list of name servers if you notice one is
>> consistently slower. tcpdump will also show search configuration
>> problems (step 2 above) if you look at the questions it's asking. Oh,
>> and remember there is a maximum of MAXNS (see <resolv.h>) name server
>> lines. For most systems, MAXNS is '3'

To overcome this limitation (without recompiling any resolver stub lib),
run a cache on your workstation.
In /etc/resolv.conf that'd be "nameserver 127.0.0.1" as the first
statement and the /etc/named.conf file looking something like:

    options {
        dnssec-enable yes;

        listen-on {
            /* localhost */
            127.0.0.1;
        };

        forward only;
        forwarders {
            /* LAN caches */
            192.168.0.10;
            192.168.1.10;
        };
    };

>> One minor point - the DNS query tools (dig, dnsquery, host, and
>> nslookup) behave differently than an application that uses the resolver
>> in the kernel. Be careful about comparing apples and oranges.

Indeed. I wrote a (rather trivial) wrapper for "gethostbyname" some time:
http://groups.google.nl/group/alt.os.linux.slackware/msg/3f0e5a7d216bac8a

Little did I know then (or remember) there to be similar code in:
/usr/share/doc/tcp_wrappers-7.6/README.NIS

( The error reporting on the latter not being as pedantic, however that
includes a "gethostbyaddr" wrapper/utility as well ... )

> I suspect that setting timeout: 1 has the effect of automagically
> querying the _second_ name server that DHCP returns.

Here (on Slackware 10.2) there doesn't seem to even be such an option
mentioned in "man resolv.conf" at all ... Is this an undocumented feature?

> Thus while everyone is banging on the first entry ray is quickly
> switching to the second (not nearly so loaded) name server.
>
> Wonder what he will think when he gets on a _properly_
> designed/administered network where the name servers are load balanced
> or -- heavenly spirits forbid -- the admin simply gives half the clients
> the IPs as 1.1.1.1 followed by 1.1.1.2 and the other half 1.1.1.2
> followed by 1.1.1.1 ;-)

Shouldn't redundant nameservers reside on different subnets though?
(So that if a/the router fails - there's still a name service available.)

--
-Menno.
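
Added example, not part of the original post and not the poster's code: a small C check for the MAXNS limit discussed above, reporting which "nameserver" lines the stub resolver will use and which it will silently ignore. The function name audit_nameservers and the sample resolv.conf text are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <resolv.h>   /* MAXNS */

/* Constructed sample: a local cache first, then four more servers. */
static const char SAMPLE_CONF[] =
    "search example.lan\n"
    "nameserver 127.0.0.1\n"
    "# nameserver 10.0.0.1 (commented out, must not count)\n"
    "nameserver 192.168.0.10\n"
    "nameserver 192.168.1.10\n"
    "nameserver 192.168.2.10\n"
    "nameserver 192.168.3.10\n";

/* Hypothetical helper: copies the first MAXNS nameserver addresses into
 * used[] and returns how many were kept. *ignored receives the number of
 * further nameserver lines, which the stub resolver never queries. */
int audit_nameservers(const char *conf, char used[MAXNS][64], int *ignored)
{
    int kept = 0;
    *ignored = 0;
    while (*conf) {
        char line[256], addr[64];
        size_t len = strcspn(conf, "\n");
        snprintf(line, sizeof line, "%.*s", (int)len, conf);
        conf += len + (conf[len] == '\n');
        /* The keyword must start the line and be followed by whitespace. */
        if (strncmp(line, "nameserver", 10) != 0 ||
            (line[10] != ' ' && line[10] != '\t'))
            continue;
        if (sscanf(line + 10, "%63s", addr) != 1)
            continue;
        if (kept < MAXNS)
            strcpy(used[kept++], addr);
        else
            (*ignored)++;
    }
    return kept;
}

int main(void)
{
    char used[MAXNS][64];
    int ignored, n = audit_nameservers(SAMPLE_CONF, used, &ignored);
    for (int i = 0; i < n; i++)
        printf("used:    %s\n", used[i]);
    printf("ignored: %d line(s) beyond MAXNS=%d\n", ignored, MAXNS);
    return 0;
}
```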
