I get timed out when I do nslookup for "unknown" hosts (i.e. hosts that couldn't possibly be in my DNS cache). For example, if I do nslookup host.com, DNS starts thinking and I get an error ";; connection timed out; no servers could be reached" and if I do nslookup host.com again, I get the hostname resolved. My sendmail and squid proxy servers are all using this same DNS server and there's no problem there. Also, when I try to browse some unknown site, my browser keeps thinking for a few seconds (while trying to resolve the host->IP) before I get to connect to the site. My DNS server is running bind and the "port 53;" option is disabled because of the recent DNS vulnerability; so it randomizes ports.
Is this timeout behavior normal, and should it be expected?
Location: Under the bridge where proper engineers walkover
Distribution: Various Linux, Solaris, BSD, Cisco
Posts: 443
This sounds like a problem I had just a few hours ago!
The DNS server that's connected to your network, do you have control over it or not?
It seems like your machine may be trying to resolve to 2 DNS servers at once, using the main DNS server as the secondary.
Maybe you can point your machine to only that server if more than one are configured, or perhaps change to the ISP DNS server.
What's in your /etc/network/interfaces file if you're on a Debian system? I'm not sure where other distros keep their network interfaces files, but if you know then please post the contents.
Location: Under the bridge where proper engineers walkover
Distribution: Various Linux, Solaris, BSD, Cisco
Posts: 443
hmm.....
You might wanna think about Desktop->Admin->Networking from Gnome if you run it (if not, use the KDE equivalent or whatever desktop manager you are working with) and having only the DNS server inside the DNS part if there are two DNS servers currently.
And also remove any search domains that may be in there!
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
If your network is high-latency, or you have an aggressive host firewall, it's possible that the application (or the connection state on the firewall) will time out before you get the answer back. In the first case, usually the socket still receives the information anyway (I've seen this happen) and it gets cached. In the second case, the response packets never get a chance to come in because the firewall gives up and tears down the state. In that case you just have to query repeatedly until an answer comes back quickly enough for the firewall to allow it through.
Do you know what the time-out duration is for UDP states on your firewall? What sort of connection do you have? Do you have any forwarders configured in named.conf? How fast is the hardware that your DNS server is running on?
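
One way to tell the two cases in the reply above apart, as an added example that is not part of the thread: send a cold and then a warm UDP query with a generous wait and compare the timings against the client's timeout. The server address `192.0.2.53`, the 5-second client timeout and all function names are assumptions for illustration.

```python
import socket
import struct
import time

def build_query(name, qid):
    """Minimal DNS A-record query with recursion desired."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_header(reply):
    """Return (id, rcode, answer_count) from the 12-byte DNS header."""
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    return qid, flags & 0x000F, an

def time_query(server, name, wait=30.0, port=53):
    """Send one UDP query; return seconds until the matching reply, or None."""
    qid = int(time.time() * 1000) & 0xFFFF
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        start = time.monotonic()
        s.sendto(build_query(name, qid), (server, port))
        while (remaining := start + wait - time.monotonic()) > 0:
            s.settimeout(remaining)
            try:
                data, _ = s.recvfrom(4096)
            except socket.timeout:
                return None
            if len(data) >= 12 and parse_header(data)[0] == qid:
                return time.monotonic() - start
        return None

def classify(cold, warm, client_timeout):
    """Map cold/warm timings onto the two cases described in the reply."""
    if cold is None and warm is None:
        return "no reply at all: server unreachable from here"
    if cold is None:
        return "cold reply never arrived, retry answered: consistent with firewall state expiring"
    if cold > client_timeout:
        return "answer arrived after the client gave up: slow recursion, now cached"
    return "answered within the client timeout"

if __name__ == "__main__":
    # Constructed values: substitute your resolver address and client timeout.
    SERVER, NAME, CLIENT_TIMEOUT = "192.0.2.53", "host.com", 5.0
    cold = time_query(SERVER, NAME)
    warm = time_query(SERVER, NAME)
    print(cold, warm, classify(cold, warm, CLIENT_TIMEOUT))
```

Use a name the server cannot have cached for the cold query, since the second call only counts as warm if the first one triggered recursion.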