Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Looking at the resolv.conf manual, it suggests nameserver entries in the resolv.conf file are tried in turn until a response is received.
I have three DNS servers on my network all are listed in the resolv.conf file.
I took one of the DNS servers down the other day. It was the third entry in my Linux machines resolv.conf file. However, DNS resolution became very slow until I brought the DNS back up again.
Has the behaviour of resolv.conf changed and the manual not been updated? Can anyone think why this might have happened?
I thought (as you did probably too) that the list is read from top till bottom, one by one, but now that I think of it, it's not impossible that the list is read from bottom till top. Did you try taking the other servers out one by one, or could you possibly use a network sniffer to find out where it first tries to send the queries?
Now that i've fixed the issue, I can't recreate it. It certainly is working as expected now. A tcpdump shows a query to the first entry in the list (from top downwards) and it doesn't try the second unless the first fails.
I put a bogus address as the 3rd entry to simulate one of the DNS servers being down, but it doesn't suffer the performance issue I saw this morning.
To avoid any caching issues, i will leave the machine overnight and try again tomorrow.
The machines I was having problems on are Red Hat EL3 with OpenSSH 3.6. The problem wasn't seen on Red Hat EL4 with OpenSSH 3.9.
What happens is that in earlier versions of OpenSSH - by default the SSH client tries to connect via ipv6 before it falls back to ipv4.
In our case it tries to resolve the hostname via ipv6, which fails. It then tries each DNS in turn, including the one that is down (causing the hangs) - when it fails on all servers it drops to ipv4 and then works.
Appending a -4 on the ssh command gets around the problem. But most of our users won't remember or want to do this.
Unfortunately the command "AddressFamily inet" which can be used in the ssh_config file to force ipv4 connectivity, does not work with OpenSSH 3.6. If I upgrade to a newer version I break the Enterprise model for RedHat and will no longer get auto updates for it.
I don't want to put an alias for each user adding the -4 as this is nasty and will get forgotten.
I guess Ill just leave it as it is - it only happens when a DNS is out of action and it doesn't actually stop ssh sessions, just slows the initial connection.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.