takes a long delay to resolve name
Dear experts.
I have problem that my Linux box takes a quite long time to resolve an internet name for the first time. However, once the name is resolved, the next calling will be successfull without delay. My Linux : Redhat 7.3 local DNS : chaching DNS server (as installation, I didn't change anything) Main DNS : other DNS server on my network Firewall : accept everything but log it for the test. Some examples are here (My IP is masked to 1.2.3.4, My main DNS is masked to 1.2.3.1): ========================= # nslookup -sil www.altavista.com ;; connection timed out; no servers could be reached # nslookup -sil www.altavista.com ;; connection timed out; no servers could be reached # nslookup -sil www.altavista.com Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: www.altavista.com Address: 209.73.164.91 ========================= # ping www.lycos.com ping: unknown host www.lycos.com # ping www.lycos.com ping: unknown host www.lycos.com # ping www.lycos.com PING www.lycos.com.akadns.net (209.202.192.25) from 1.2.3.4 : 56(84) bytes of data. 64 bytes from www.lycos.com (209.202.192.25): icmp_seq=1 ttl=243 time=31 ms ======================== This is the firewall log during the failed tests ============================== Mar 10 05:35:31 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1068 DPT=53 LEN=40 Mar 10 05:35:36 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1025 DPT=53 LEN=40 Mar 10 05:35:37 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1068 DPT=53 LEN=40 ============================== Then this is the firewall log before the successfull test ============================== Mar 10 05:35:42 rob01 kernel: Firewall ACC IN=eth0 OUT= SRC=1.2.3.1 DST=1.2.3.4 LEN=226 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=1066 LEN=206 Mar 10 05:35:42 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=254 TOS=0x00 PREC=0xC0 TTL=64 ID=49813 PROTO=ICMP TYPE=3 CODE=3 [SRC=134.115.8.33 DST=134.115.124.126 LEN=226 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=1066 LEN=206 ] =========================== Thank you for your help. |
type
cat /etc/resolv.conf and test each listed nameserver by doing dig www.some.domain.name @each.nameserver.ip.address It may be that they don't work... If there's nothing in the file, find them from your isp data and add them nameserver 1.2.3.4 If they go back to your other LAN DNS server, get it some good external dns servers to use. |
Cool, you are right.
I changed the main DNS to the secondary DNS server on our LAN and it's working fine now. Sorry for this simple trouble. Thanks a lot. |
All times are GMT -5. The time now is 11:10 AM. |