LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   takes a long delay to resolve name (http://www.linuxquestions.org/questions/linux-networking-3/takes-a-long-delay-to-resolve-name-48991/)

Kocil 03-09-2003 03:06 PM

takes a long delay to resolve name
 
Dear experts.

I have problem that my Linux box takes a quite long time to resolve an internet name for the first time. However, once the name is resolved, the next calling will be successfull without delay.

My Linux : Redhat 7.3
local DNS : chaching DNS server (as installation, I didn't change anything)
Main DNS : other DNS server on my network
Firewall : accept everything but log it for the test.

Some examples are here
(My IP is masked to 1.2.3.4, My main DNS is masked to 1.2.3.1):
=========================
# nslookup -sil www.altavista.com
;; connection timed out; no servers could be reached

# nslookup -sil www.altavista.com
;; connection timed out; no servers could be reached

# nslookup -sil www.altavista.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: www.altavista.com
Address: 209.73.164.91
=========================
# ping www.lycos.com
ping: unknown host www.lycos.com
# ping www.lycos.com
ping: unknown host www.lycos.com
# ping www.lycos.com
PING www.lycos.com.akadns.net (209.202.192.25) from 1.2.3.4 : 56(84) bytes of data.
64 bytes from www.lycos.com (209.202.192.25): icmp_seq=1 ttl=243 time=31 ms
========================

This is the firewall log during the failed tests
==============================
Mar 10 05:35:31 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1068 DPT=53 LEN=40
Mar 10 05:35:36 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1025 DPT=53 LEN=40
Mar 10 05:35:37 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1068 DPT=53 LEN=40
==============================

Then this is the firewall log before the successfull test
==============================
Mar 10 05:35:42 rob01 kernel: Firewall ACC IN=eth0 OUT= SRC=1.2.3.1 DST=1.2.3.4 LEN=226 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=1066 LEN=206
Mar 10 05:35:42 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=254 TOS=0x00 PREC=0xC0 TTL=64 ID=49813 PROTO=ICMP TYPE=3 CODE=3 [SRC=134.115.8.33 DST=134.115.124.126 LEN=226 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=1066 LEN=206 ]
===========================


Thank you for your help.

peter_robb 03-10-2003 04:24 AM

type
cat /etc/resolv.conf
and test each listed nameserver by doing
dig www.some.domain.name @each.nameserver.ip.address

It may be that they don't work...
If there's nothing in the file, find them from your isp data and add them
nameserver 1.2.3.4

If they go back to your other LAN DNS server, get it some good external dns servers to use.

Kocil 03-11-2003 09:09 AM

Cool, you are right.

I changed the main DNS to the secondary DNS server on our LAN and it's working fine now.

Sorry for this simple trouble.

Thanks a lot.


All times are GMT -5. The time now is 04:40 PM.