Help - Search - Members - Calendar
Full Version: Slow DNS lookup (no IPv6-issue???)
Linuxhelp > Support > Technical Support
Mastov
Hi,

my dns lookups take several (~ 6-10) seconds every time. I tried a lot of things, but now I ran out of ideas. What I tried up to now is:

- Deactivate IPv6: The most common advice about slow dns lookups didn't work in my case. IPv6 is already successfully deactivated (at least "lsmod | grep ipv6" claims that), but the problem continues. Also deactivation IPv6-lookups for certain programs (like firefox or ssh) doesn't help.
- Use other nameservers: Changing the nameserver in /etc/resolv.conf to other ones didn't change anything as well. Besides, the original nameservers are working well on other systems!
- Adding "option timeout:1" to or removing "domain ..." or "search ..." lines from the /etc/resolv.conf file: Also didn't help...

Any further ideas?

Thanks!
Chris

PS: Distro "Debian Lenny Amd64" out of the box, only ndiswrapper installed and WLAN configured
Mastov
Additional information:

I installed wireshark and did some analysis, what was going on, when I tried to connect to some server, for example google.com:80. It looked always like this:

0s : Query AAAA google.com
2s : Query AAAA google.com
4s : Query AAAA google.com
4.01s : Response AAAA google.com
4.02s : Query AAAA google.com.local.lan
6s : Query AAAA google.com.local.lan
8s : Query AAAA google.com.local.lan
8.01s : Response AAAA google.com.local.lan : No such name
8.02s : Query A google.com
10s : Query A google.com
12s : Query A google.com
12.01s : Response AAAA google.com : 72.14.207.99
12.02s : TCP Init connection with 72.14.207.99
...

2 interesting questions about that:
- Why does every query have to be done 3 times until a response is received???
- Why are there still AAAA-queries, if the ipv6-kernel-module is not loaded ("lsmod | grep ipv6" gives empty output!)?

Anyone any idea? Thanks!
Mastov
I think I resolved the issue:

I analyzed the DNS queries of windows (working without problems on the same machine) and found out that the same effect is happening there as well: 3 query packets have to be sent until a response is received. The difference: Windows sends the queries with a much higher frequency and therefore the whole progress doesn't take as much time and the user doesn't recognize any delay.

So the problem seemed to be rather the router than the client system. Maybe the router recognizes an UDP "connection" only after at least 3 packets have been sent from the same port to the same port (as using UDP the router has no TCP flags signalling new connections). I don't know, something like this...

Workaround (since I haven't got access to reconfigure the router): Define the router IP itself as nameserver instead of the nameservers that it suggests via DHCP. So the UDP packets have to travel only within the LAN and the problem is avoided. The router is then able to act as a "DNS-forwarder", asks the nameservers of the ISP for the result and returns the result to the client.

Anyway: Hard to imagine that this effect doesn't happen all over the linux world?! What is different in other people's linux systems? Do they usually have shorter timeouts? Is the configuration of my router really THAT strange and normally routers forward the DNS packets properly? Do they ignore the DHCP-given nameservers and use the gateway-IP as default nameserver??? I didn't reconfigure anything strangely, the system is an almost-out-of-the-box debian!

Thanks for your help!
thilak
For the good reverse DNS lookup ,
I visit this site http://www.whoisxy.com/domain-to-ip.aspx
It has the best information of IP address, IP address to domain, domain name to IP,domain name, DNS lookup., IP address lookup and ping test !!!
Ninjatum
Thank this all post.
pech
Thank you for sharing good luck to me.


________________
sbobet-คาสิโนออนไลน์-ผลบอล-gclub
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.