[SOLVED] DNS resolution delays

Rohit_4739 · 07-05-2012, 06:13 PM

Hi Everyone,

I am having some issues in DNS resolution. Let me first explain my enivirnment, i have 2 boxes in my local home lab namely "serv1.home.com", "test.home.com". DNS is set up serv1 box, now when i run dig for lookup i get instant replies. However when i try to ping one machine to other one using hostname it takes quite some time. I experince the same kind of delay in doing SSH also from one machine to other and even i am facing sendmail delays between 20-40 seconds which was my primary issue. Later when i noticed all these things i thought it is a DNS issue to my knowledge (which i hope to be right if Linux gurus here can stamp it).

Here is the ping result that shows some delay, followed by sendmail logs that again shows quite some delays

Code:

[root@serv1 ~]# ping test.home.com
PING test.home.com (192.168.40.101) 56(84) bytes of data.
64 bytes from 192.168.40.101: icmp_seq=1 ttl=64 time=3.17 ms
64 bytes from 192.168.40.101: icmp_seq=2 ttl=64 time=1.36 ms
64 bytes from 192.168.40.101: icmp_seq=3 ttl=64 time=0.815 ms
64 bytes from 192.168.40.101: icmp_seq=4 ttl=64 time=0.838 ms
64 bytes from 192.168.40.101: icmp_seq=5 ttl=64 time=4.35 ms
64 bytes from 192.168.40.101: icmp_seq=6 ttl=64 time=0.833 ms
64 bytes from 192.168.40.101: icmp_seq=7 ttl=64 time=2.30 ms
64 bytes from 192.168.40.101: icmp_seq=8 ttl=64 time=0.681 ms
64 bytes from 192.168.40.101: icmp_seq=9 ttl=64 time=1.18 ms
64 bytes from 192.168.40.101: icmp_seq=10 ttl=64 time=1.17 ms
64 bytes from 192.168.40.101: icmp_seq=11 ttl=64 time=1.50 ms
64 bytes from 192.168.40.101: icmp_seq=12 ttl=64 time=1.22 ms
64 bytes from 192.168.40.101: icmp_seq=13 ttl=64 time=5.89 ms
64 bytes from 192.168.40.101: icmp_seq=14 ttl=64 time=0.672 ms
64 bytes from 192.168.40.101: icmp_seq=15 ttl=64 time=0.921 ms
64 bytes from 192.168.40.101: icmp_seq=16 ttl=64 time=0.839 ms
64 bytes from 192.168.40.101: icmp_seq=17 ttl=64 time=1.15 ms
^C
--- test.home.com ping statistics ---
17 packets transmitted, 17 received, 0% packet loss, time 25495ms
rtt min/avg/max/mdev = 0.672/1.701/5.891/1.416 ms

Sendmail logs:

Code:

ul  5 18:30:12 test sendmail[3899]: q65MUCot003899: from=root, size=304, class=0, nrcpts=2, msgid=<20120705223012.GA3893@test.home.com>, relay=root@localhost
Jul  5 18:30:12 test sm-mta[3900]: q65MUC7C003900: from=<root@test.home.com>, size=428, class=0, nrcpts=2, msgid=<20120705223012.GA3893@test.home.com>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jul  5 18:30:12 test sendmail[3899]: q65MUCot003899: to=stu@home.com,rohit@home.com, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=60304, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (q65MUC7C003900 Message accepted for delivery)
Jul  5 18:30:52 test sm-mta[3902]: q65MUC7C003900: to=<rohit@home.com>,<stu@home.com>, ctladdr=<root@test.home.com> (0/0), delay=00:00:40, xdelay=00:00:40, mailer=esmtp, pri=150428, relay=serv1.home.com. [192.168.40.100], dsn=2.0.0, stat=Sent (q65MUqMJ006469 Message accepted for delivery)

And here is the logs for named

Code:

tail -50 /var/named/data/named.log
05-Jul-2012 19:20:59.066 queries: info: client 192.168.40.100#55406: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:03.447 queries: info: client 192.168.40.100#39379: view internal: query: test.home.com IN A + (192.168.40.100)
05-Jul-2012 19:21:03.452 queries: info: client 192.168.40.100#34033: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:04.070 queries: info: client 192.168.40.100#55406: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:08.458 queries: info: client 192.168.40.100#34033: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:09.077 queries: info: client 192.168.40.100#42534: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:14.083 queries: info: client 192.168.40.100#42534: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:19.054 queries: info: client 192.168.40.100#51708: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:24.061 queries: info: client 192.168.40.100#51708: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:29.067 queries: info: client 192.168.40.100#37681: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:21:34.073 queries: info: client 192.168.40.100#37681: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:22:48.975 queries: info: client 192.168.40.101#46674: view internal: query: 100.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:22:48.977 lame-servers: info: error (network unreachable) resolving '100.40.168.192.in-addr.arpa/PTR/IN': 2001:503:c27::2:30#53
05-Jul-2012 19:22:48.980 lame-servers: info: error (network unreachable) resolving '100.40.168.192.in-addr.arpa/PTR/IN': 2001:7fd::1#53
05-Jul-2012 19:22:48.981 lame-servers: info: error (network unreachable) resolving '100.40.168.192.in-addr.arpa/PTR/IN': 2001:500:1::803f:235#53
05-Jul-2012 19:22:53.984 queries: info: client 192.168.40.101#46674: view internal: query: 100.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:22:54.222 lame-servers: info: error (network unreachable) resolving '100.40.168.192.in-addr.arpa/PTR/IN': 2001:503:ba3e::2:30#53
05-Jul-2012 19:22:54.223 lame-servers: info: error (network unreachable) resolving '100.40.168.192.in-addr.arpa/PTR/IN': 2001:500:2f::f#53
05-Jul-2012 19:22:58.989 queries: info: client 192.168.40.100#49892: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:03.992 queries: info: client 192.168.40.100#49892: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:08.994 queries: info: client 192.168.40.100#49397: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:14.001 queries: info: client 192.168.40.100#49397: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:19.007 queries: info: client 192.168.40.100#51731: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:24.016 queries: info: client 192.168.40.100#51731: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:28.992 queries: info: client 192.168.40.100#35556: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:33.994 queries: info: client 192.168.40.100#35556: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:34.472 lame-servers: info: error (network unreachable) resolving '101.40.168.192.in-addr.arpa/PTR/IN': 2001:dc3::35#53
05-Jul-2012 19:23:39.004 queries: info: client 192.168.40.100#50975: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:40.104 lame-servers: info: error (network unreachable) resolving '101.40.168.192.in-addr.arpa/PTR/IN': 2001:7fd::1#53
05-Jul-2012 19:23:44.011 queries: info: client 192.168.40.100#50975: view internal: query: 101.40.168.192.in-addr.arpa IN PTR + (192.168.40.100)
05-Jul-2012 19:23:45.789 lame-servers: info: error (network unreachable) resolving '101.40.168.192.in-addr.arpa/PTR/IN': 2001:500:1::803f:235#53
05-Jul-2012 19:23:57.271 lame-servers: info: error (network unreachable) resolving '101.40.168.192.in-addr.arpa/PTR/IN': 2001:500:2f::f#53
05-Jul-2012 19:27:20.950 queries: info: client 192.168.40.100#47211: view internal: query: weather.noaa.gov IN A + (192.168.40.100)
05-Jul-2012 19:27:20.950 lame-servers: info: error (network unreachable) resolving 'weather.noaa.gov/A/IN': 2001:503:c27::2:30#53
05-Jul-2012 19:27:20.954 queries: info: client 192.168.40.100#47211: view internal: query: weather.noaa.gov IN AAAA + (192.168.40.100)
05-Jul-2012 19:27:25.954 queries: info: client 192.168.40.100#47211: view internal: query: weather.noaa.gov IN A + (192.168.40.100)
05-Jul-2012 19:27:25.954 queries: info: client 192.168.40.100#47211: view internal: query: weather.noaa.gov IN AAAA + (192.168.40.100)
05-Jul-2012 19:27:30.954 queries: info: client 192.168.40.100#55042: view internal: query: weather.noaa.gov.home.com IN A + (192.168.40.100)
05-Jul-2012 19:27:30.954 queries: info: client 192.168.40.100#55042: view internal: query: weather.noaa.gov.home.com IN AAAA + (192.168.40.100)
05-Jul-2012 19:27:32.158 lame-servers: info: error (network unreachable) resolving 'weather.noaa.gov/AAAA/IN': 2001:503:ba3e::2:30#53
05-Jul-2012 19:27:38.030 lame-servers: info: error (network unreachable) resolving 'weather.noaa.gov/A/IN': 2001:503:ba3e::2:30#53
05-Jul-2012 19:27:58.318 queries: info: client 192.168.40.100#41881: view internal: query: weather.noaa.gov IN A + (192.168.40.100)
05-Jul-2012 19:27:58.319 queries: info: client 192.168.40.100#41881: view internal: query: weather.noaa.gov IN AAAA + (192.168.40.100)
05-Jul-2012 19:28:03.323 queries: info: client 192.168.40.100#41881: view internal: query: weather.noaa.gov IN A + (192.168.40.100)
05-Jul-2012 19:28:03.323 queries: info: client 192.168.40.100#41881: view internal: query: weather.noaa.gov IN AAAA + (192.168.40.100)
05-Jul-2012 19:28:04.177 lame-servers: info: error (network unreachable) resolving 'weather.noaa.gov/AAAA/IN': 2001:dc3::35#53
05-Jul-2012 19:28:08.327 queries: info: client 192.168.40.100#48998: view internal: query: weather.noaa.gov.home.com IN A + (192.168.40.100)
05-Jul-2012 19:28:08.327 queries: info: client 192.168.40.100#48998: view internal: query: weather.noaa.gov.home.com IN AAAA + (192.168.40.100)
05-Jul-2012 19:28:10.045 lame-servers: info: error (network unreachable) resolving 'weather.noaa.gov/A/IN': 2001:503:c27::2:30#53
05-Jul-2012 19:28:10.118 lame-servers: info: error (network unreachable) resolving 'weather.noaa.gov/AAAA/IN': 2001:503:c27::2:30#53

So could someone help me on how do i troubleshoot DNS for delays and go about fixing it. I tried renicing the named process priority but even that didn't worked.

Any help is highly appreciated.

bathory · 07-06-2012, 02:04 AM

Hi,

Quote:

05-Jul-2012 19:22:48.977 lame-servers: info: error (network unreachable) resolving '100.40.168.192.in-addr.arpa/PTR/IN': 2001:503:c27::2:30#53

You don't have a reverse zone in your dns, so your clients queries are going down to the root servers. sendmail, ssh and others are always using reverse resolution.
So add the 40.168.192.in-addr.arpa zone definition in named.conf and the respective zone file

Regards

Rohit_4739 · 07-06-2012, 06:46 AM

Quote:

Originally Posted by bathory

Hi,

You don't have a reverse zone in your dns, so your clients queries are going down to the root servers. sendmail, ssh and others are always using reverse resolution.
So add the 40.168.192.in-addr.arpa zone definition in named.conf and the respective zone file

Regards

Thanks Bathory,

Ok i understand about Sendmail, SSH, but how about ping ?

bathory · 07-06-2012, 07:53 AM

Quote:

Originally Posted by Rohit_4739

Thanks Bathory,

Ok i understand about Sendmail, SSH, but how about ping ?

Ping does not use dns if possible, so the only thing I can think of is maybe a busy network, or a flaky network component.

Rohit_4739 · 07-06-2012, 12:00 PM

Quote:

Originally Posted by bathory

Ping does not use dns if possible, so the only thing I can think of is maybe a busy network, or a flaky network component.

Thanks a lot bathory, it worked. Initially when i looked at Named logs i thought that it might be due to missing reverse zone file but then i wasn't sure.

Thumbs up to you !!!