On 2009-05-25 13:21, carlopmart wrote:
Paul Bijnens wrote:
On 2009-05-25 12:51, carlopmart wrote:
I have a problem using named with different CentOS5 servers (2 servers): they are all really slow to resolve any internet address and most of the time fail to resolve. This situation differs if I use "forwarders" servers like opendns: resolving names is really, really quick. And I don't understand why.
On the other hand I have tested three DNS servers using Windows 2003, Windows 2008 and Ubuntu hardy and these problems don't occur (I don't need to configure forwarders on any of them): all resolve any name, and really fast.
IPv6 is disabled on both CentOS servers. Does somebody know why these DNS servers are slow?
My crystal ball is in repair. Could you in the meantime add some more hints, e.g. your config files, and how you diagnosed the slowness.
My CentOS5 DNS-servers do resolve really quickly, with or without forwarders.
Ok, my named.conf:
//
// named.conf
//

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    listen-on port 53 { 127.0.0.1; 172.25.50.10; };
    version "DNS Server v2.0";
    dnssec-enable no;
    query-source port 53;
    forwarders { 208.67.220.220; 208.67.222.222; };
};

logging {
    channel security_channel {
        file "/var/named/data/security.log" versions 3 size 1m;
        severity debug;
        print-time yes;
        print-category yes;
        print-severity yes;
    };
    channel default {
        syslog local4;
        severity info;
        print-category yes;
        print-severity yes;
    };
    channel query_log {
        file "/var/named/data/query.log" versions 3 size 1m;
        print-time yes;
    };
    category security { security_channel; default; };
    category queries { query_log; };
    channel default_debug {
        file "/var/named/data/named.run";
        severity dynamic;
    };
    category lame-servers { null; };
    category default { default; };
};

controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
When you're not using forwarding, the dns server should have some basic knowledge of the root servers. So add something like:
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/path/to/the/file/having/named.root";
};
And the file itself can be downloaded (and updated now and then) from:
http://www.internic.net/zones/named.root
And to avoid forwarding on silly resolutions for localhost or 127.x.x.x you can do the same with a local "type master" zone for those two zones as well:
// be authoritative for the localhost forward and reverse zones
zone "localhost" {
    type master;
    file "/path/to/the/file/having/localhost.zone";
};
zone "127.in-addr.arpa" {
    type master;
    file "/path/to/the/file/having/ptr-127.zone";
};
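
An added example, not part of the original thread: a small Python check that a named.conf declares the root hint zone and the two local master zones suggested in the reply above. The sample configurations and their relative file names are constructed for the demonstration.

```python
import re

# Zones the reply recommends, mapped to the type each must have.
RECOMMENDED = {".": "hint", "localhost": "master", "127.in-addr.arpa": "master"}

def strip_comments(conf):
    """Blank out /* */, // and # comments; quoted strings are left intact."""
    pattern = r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*'
    keep = lambda m: m.group(0) if m.group(0).startswith('"') else " "
    return re.sub(pattern, keep, conf, flags=re.S)

def find_zones(conf):
    """Return {zone name: type} for every zone statement in the text."""
    text = strip_comments(conf)
    zones = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"\s*(?:\w+\s*)?\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:  # walk to the matching close brace
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        t = re.search(r'\btype\s+([\w-]+)\s*;', text[m.end():i])
        zones[m.group(1).lower()] = t.group(1).lower() if t else None
    return zones

def missing_zones(conf):
    """List the recommended zones that are absent or have another type."""
    zones = find_zones(conf)
    return [f'zone "{n}" ({t})' for n, t in RECOMMENDED.items() if zones.get(n) != t]

# Constructed sample: a resolver config with no forwarders and no zones;
# the commented-out hint zone must not count as present.
BEFORE = '''
options { directory "/var/named"; };
// zone "." { type hint; file "named.root"; };
'''
# Constructed sample: the same config with the three zones from the reply.
AFTER = BEFORE + '''
zone "." IN { type hint; file "named.root"; };
zone "localhost" { type master; file "localhost.zone"; };
zone "127.in-addr.arpa" { type master; file "ptr-127.zone"; };
'''

if __name__ == "__main__":
    for label, conf in (("before", BEFORE), ("after", AFTER)):
        print(label, "missing:", missing_zones(conf) or "nothing")
```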