Printable Version of Topic

Click here to view this topic in its original format

Linuxhelp _ Technical Support _ Slow DNS lookup (no IPv6-issue???)

Posted by: Mastov Jul 6 2008, 05:32 AM


my dns lookups take several (~ 6-10) seconds every time. I tried a lot of things, but now I ran out of ideas. What I tried up to now is:

- Deactivate IPv6: The most common advice about slow dns lookups didn't work in my case. IPv6 is already successfully deactivated (at least "lsmod | grep ipv6" claims that), but the problem continues. Also deactivation IPv6-lookups for certain programs (like firefox or ssh) doesn't help.
- Use other nameservers: Changing the nameserver in /etc/resolv.conf to other ones didn't change anything as well. Besides, the original nameservers are working well on other systems!
- Adding "option timeout:1" to or removing "domain ..." or "search ..." lines from the /etc/resolv.conf file: Also didn't help...

Any further ideas?


PS: Distro "Debian Lenny Amd64" out of the box, only ndiswrapper installed and WLAN configured

Posted by: Mastov Jul 6 2008, 11:14 AM

Additional information:

I installed wireshark and did some analysis, what was going on, when I tried to connect to some server, for example It looked always like this:

0s : Query AAAA
2s : Query AAAA
4s : Query AAAA
4.01s : Response AAAA
4.02s : Query AAAA
6s : Query AAAA
8s : Query AAAA
8.01s : Response AAAA : No such name
8.02s : Query A
10s : Query A
12s : Query A
12.01s : Response AAAA :
12.02s : TCP Init connection with

2 interesting questions about that:
- Why does every query have to be done 3 times until a response is received???
- Why are there still AAAA-queries, if the ipv6-kernel-module is not loaded ("lsmod | grep ipv6" gives empty output!)?

Anyone any idea? Thanks!

Posted by: Mastov Jul 8 2008, 10:41 AM

I think I resolved the issue:

I analyzed the DNS queries of windows (working without problems on the same machine) and found out that the same effect is happening there as well: 3 query packets have to be sent until a response is received. The difference: Windows sends the queries with a much higher frequency and therefore the whole progress doesn't take as much time and the user doesn't recognize any delay.

So the problem seemed to be rather the router than the client system. Maybe the router recognizes an UDP "connection" only after at least 3 packets have been sent from the same port to the same port (as using UDP the router has no TCP flags signalling new connections). I don't know, something like this...

Workaround (since I haven't got access to reconfigure the router): Define the router IP itself as nameserver instead of the nameservers that it suggests via DHCP. So the UDP packets have to travel only within the LAN and the problem is avoided. The router is then able to act as a "DNS-forwarder", asks the nameservers of the ISP for the result and returns the result to the client.

Anyway: Hard to imagine that this effect doesn't happen all over the linux world?! What is different in other people's linux systems? Do they usually have shorter timeouts? Is the configuration of my router really THAT strange and normally routers forward the DNS packets properly? Do they ignore the DHCP-given nameservers and use the gateway-IP as default nameserver??? I didn't reconfigure anything strangely, the system is an almost-out-of-the-box debian!

Thanks for your help!

Posted by: thilak Jul 20 2011, 12:29 PM

For the good reverse DNS lookup ,
I visit this site
It has the best information of IP address, IP address to domain, domain name to IP,domain name, DNS lookup., IP address lookup and ping test !!!

Posted by: Ninjatum Aug 1 2011, 01:05 PM

Thank this all post.

Posted by: pech Aug 3 2011, 01:33 AM

Thank you for sharing good luck to me.


Powered by Invision Power Board (
© Invision Power Services (