
Big delay on DNS

Dear experts.

I have a problem: my Linux box takes quite a long time to resolve an internet name for the first time. However, once the name is resolved, the next call will be successful without delay.

Linux box : Clark Connect 1.2 (Redhat 7.3 derivative)
local DNS : caching DNS server (as installed, I didn't change anything)
Main DNS : other DNS server on my network
Firewall : accept everything but log it for the test.

Some examples are here
(My IP is masked to 1.2.3.4, My main DNS is masked to 1.2.3.1):
=========================
# nslookup -sil www.altavista.com
;; connection timed out; no servers could be reached

# nslookup -sil www.altavista.com
;; connection timed out; no servers could be reached

# nslookup -sil www.altavista.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: www.altavista.com
Address: 209.73.164.91
=========================
# ping www.lycos.com
ping: unknown host www.lycos.com
# ping www.lycos.com
ping: unknown host www.lycos.com
# ping www.lycos.com
PING www.lycos.com.akadns.net (209.202.192.25) from 1.2.3.4 : 56(84) bytes of data.
64 bytes from www.lycos.com (209.202.192.25): icmp_seq=1 ttl=243 time=31 ms
========================

This is the firewall log during the failed tests
==============================
Mar 10 05:35:31 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1068 DPT=53 LEN=40
Mar 10 05:35:36 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1025 DPT=53 LEN=40
Mar 10 05:35:37 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1068 DPT=53 LEN=40
==============================

Then this is the firewall log before the successful test
==============================
Mar 10 05:35:42 rob01 kernel: Firewall ACC IN=eth0 OUT= SRC=1.2.3.1 DST=1.2.3.4 LEN=226 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=1066 LEN=206
Mar 10 05:35:42 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 LEN=254 TOS=0x00 PREC=0xC0 TTL=64 ID=49813 PROTO=ICMP TYPE=3 CODE=3 [SRC=134.115.8.33 DST=134.115.124.126 LEN=226 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=1066 LEN=206 ]
===========================


Thank you for your help.

Asked by: Kocil

periwinkle Commented:
Look at your /etc/resolv.conf file and make certain that the nameservers are valid.  Also make certain that any of the domains in the Search line (if any) contain a valid server to search.

It sounds like perhaps you have some servers listed that are no longer valid?

pjedmond Commented:
You need a line like:

nameserver 209.202.192.25


in your /etc/resolv.conf

where the IP is the address of the DNS server. As you can actually ping the above nameserver, inserting the above line into your resolv.conf should solve the problem :)

periwinkle Commented:
kocil - glad to have helped!
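
The firewall log in the question can be read mechanically: pair outgoing UDP/53 queries with replies by port, and flag replies the host rejected with ICMP type 3 code 3 (port unreachable), which means no socket was listening on that port any more when the answer arrived. This is an added example, not part of the original thread; the sample lines are abridged from the question's log, and the function names and the year prefix (syslog lines carry no year) are assumptions.

```python
import re
from datetime import datetime

# Abridged from the firewall log in the question (fields the parser ignores are dropped).
SAMPLE_LOG = """\
Mar 10 05:35:31 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 PROTO=UDP SPT=1068 DPT=53 LEN=40
Mar 10 05:35:36 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 PROTO=UDP SPT=1025 DPT=53 LEN=40
Mar 10 05:35:37 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 PROTO=UDP SPT=1068 DPT=53 LEN=40
Mar 10 05:35:42 rob01 kernel: Firewall ACC IN=eth0 OUT= SRC=1.2.3.1 DST=1.2.3.4 PROTO=UDP SPT=53 DPT=1066 LEN=206
Mar 10 05:35:42 rob01 kernel: Firewall ACC IN= OUT=eth0 SRC=1.2.3.4 DST=1.2.3.1 PROTO=ICMP TYPE=3 CODE=3 [SRC=1.2.3.1 DST=1.2.3.4 PROTO=UDP SPT=53 DPT=1066 LEN=206 ]
"""

def parse(line):
    """Split one netfilter LOG line into (timestamp, outer fields, embedded fields)."""
    # Assumption: a fixed year is prepended only so the timestamp parses unambiguously.
    stamp = datetime.strptime("2000 " + line[:15], "%Y %b %d %H:%M:%S")
    outer, _, inner = line.partition("[")  # "[...]" holds the packet quoted by the ICMP error
    fields = lambda text: dict(re.findall(r"(\w+)=(\S*)", text))
    return stamp, fields(outer), fields(inner)

def analyse(log):
    """Summarise DNS queries, replies and replies rejected as port-unreachable."""
    queries, replies, rejected = {}, [], []
    for line in log.splitlines():
        if "PROTO=" not in line:
            continue  # not a packet log line
        stamp, f, inner = parse(line)
        if f.get("PROTO") == "UDP" and f.get("OUT") and f.get("DPT") == "53":
            queries.setdefault(int(f["SPT"]), stamp)      # first send time per source port
        elif f.get("PROTO") == "UDP" and f.get("IN") and f.get("SPT") == "53":
            replies.append((int(f["DPT"]), stamp))
        elif (f.get("PROTO"), f.get("TYPE"), f.get("CODE")) == ("ICMP", "3", "3") \
                and inner.get("SPT") == "53":
            rejected.append(int(inner["DPT"]))            # reply hit a closed local port
    answered = {port for port, _ in replies}
    gap = None
    if queries and replies:
        first_q = min(queries.values())
        first_r = min(stamp for _, stamp in replies)
        gap = int((first_r - first_q).total_seconds())
    return {"unanswered_ports": sorted(p for p in queries if p not in answered),
            "rejected_reply_ports": sorted(rejected),
            "seconds_to_first_reply": gap}

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

On the logged lines, none of the query ports shown ever receives an answer, and the one reply that does arrive is 11 seconds after the first query and is refused by the host itself.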