DNS lookups taking too long.
 

Good Morning!

This investigation started with an Oracle installation saying "Dude, you're bad host lookups are taking more than 15000 ms!" A followup (accidental) test came about when the master DNS server got shut off for longer than the zone files' Expire time.

=== The questions:

1) Of the 12 test look ups of a known bad hostname, only one returned "Host badhost not found: 2(SERVFAIL)" which I believe is the appropriate response. Why might that be?

2) Adding "option timeout" and "option attempts" to /etc/resolv.conf on the client side don't appear to change look up times in any material way. How can I speed up the SERVFAIL or time out responses from the server side?

=== The tests:

Let's start with two bind DNS servers. Call them "master" and "slave."

Both are:
RHEL 5.4
bind-9.3.6-4.P1.el5_5.3
bind-chroot-9.3.6-4.P1.el5_5.3

They handle a test network of three subdomains and one subnet. This network doesn't have access to the outside world, but has some 200 hosts in the test net.

Aside from the master/slave zoning, named.conf is identical for both hosts. I can look in slave:/var/named/chroot/var/named/slaves/ and see good copies of the master's zone files.

Test a known good host with both DNS servers running.
Test a non-existant hostname with both servers running.
Shutdown "slave" and repeat all six tests.
Restart "slave" and stop "master." Re-run all six tests.

Are "goodhost" and "badhost" FQDN's ? .. and if so is the domain part wrong or the host part wrong for "badhost"?

goodhost and badhost are both simple host names. Goodhost exists in one of the three subdomains. Badhost is, literally, "badhost," and a hostname (so to speak) designed to fail.