Has anyone had problems accessing random websites since going up to 6.4?
Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found.
With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back.
Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures.
So: has anyone else seen oddness that might be related to nscd?
mark
m.roth@5-cent.us wrote:
Has anyone had problems accessing random websites since going up to 6.4?
Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found.
With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back.
Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures.
So: has anyone else seen oddness that might be related to nscd?
A quick followup of myself to provide more info: I see, in /etc/nscd.conf, that all the negative ttl's appear to be 20 sec, but I'm resonably sure that once I lose it, it's > 20 sec before go back to try again, and it's still not gone.
mark
On Tue, Mar 26, 2013 at 6:26 AM, m.roth@5-cent.us wrote:
Has anyone had problems accessing random websites since going up to 6.4?
Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found.
With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back.
Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures.
So: has anyone else seen oddness that might be related to nscd?
Do you want the whole book? 'nscd' is a synonym for weird. I've had many strange DNS issues which have been solved by either bouncing nscd or purging its cache entries.
However, you appear to be using nscd on your machine to cache DNS and using the internal MS DSN servers to do the actual lookups. Am I correct? In which case, the MS DNS server should be caching the DNS lookups anyway, so you probably don't derive a lot of benefit from the nscd unless you do a lot of repeated DNS lookups.
Cheers,
Cliff
On Tuesday, Cliff Pratt wrote:
On Tue, Mar 26, 2013 at 6:26 AM, m.roth@5-cent.us wrote:
Has anyone had problems accessing random websites since going up to 6.4?
Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found.
With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back.
Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures.
So: has anyone else seen oddness that might be related to nscd?
Do you want the whole book? 'nscd' is a synonym for weird. I've had many strange DNS issues which have been solved by either bouncing nscd or purging its cache entries.
However, you appear to be using nscd on your machine to cache DNS and using the internal MS DSN servers to do the actual lookups. Am I correct? In which case, the MS DNS server should be caching the DNS lookups anyway, so you probably don't derive a lot of benefit from the nscd unless you do a lot of repeated DNS lookups.
Cheers,
Cliff
NSCD is also necessary if you're running an LDAP or NIS environment, so don't just turn it off if you're using external authentication services. In a Winbind environment, NSCD is unnecessary however.
-- Gary L. Greene, Jr. Sr. Systems Administrator IT Operations Minerva Networks, Inc.
On Mon, Mar 25, 2013 at 11:06:31PM +0000, Gary Greene wrote:
NSCD is also necessary if you're running an LDAP or NIS environment,
Not necessary in a NIS environment on a LAN 'cos NIS is UDP based and very very fast to respond. LDAP, however, pretty much needs nscd (or sssd) in order to be halfway near performant.
On 03/25/2013 04:06 PM, Gary Greene wrote:
NSCD is also necessary if you're running an LDAP or NIS environment, so don't just turn it off if you're using external authentication services. In a Winbind environment, NSCD is unnecessary however.
I would advise all users to migrate to sssd from nscd.
On Tue, Mar 26, 2013 at 12:06 PM, Gary Greene ggreene@minervanetworks.com wrote:
On Tuesday, Cliff Pratt wrote:
On Tue, Mar 26, 2013 at 6:26 AM, m.roth@5-cent.us wrote:
Has anyone had problems accessing random websites since going up to 6.4?
Since about the day after I got partly upgraded, if I try to access nytimes.com, or orbitz.com, I get server not found.
With a lot of work, I, my manager, and the other admin, found that setting options edns0 in /etc/resolv.conf fixed it - I suspect that the network folks updated their internal nameservers (which are M$) about that time... but... we got this Thurs. Friday, I went to look, lunchtime, at a story, and back to the same. Later, and I think I was playing around, it came back.
Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures.
So: has anyone else seen oddness that might be related to nscd?
Do you want the whole book? 'nscd' is a synonym for weird. I've had many strange DNS issues which have been solved by either bouncing nscd or purging its cache entries.
However, you appear to be using nscd on your machine to cache DNS and using the internal MS DSN servers to do the actual lookups. Am I correct? In which case, the MS DNS server should be caching the DNS lookups anyway, so you probably don't derive a lot of benefit from the nscd unless you do a lot of repeated DNS lookups.
Cheers,
Cliff
NSCD is also necessary if you're running an LDAP or NIS environment, so don't just turn it off if you're using external authentication services. In a Winbind environment, NSCD is unnecessary however.
Ah, yes, indeed. Thanks Gary,
Cliff
On 03/25/2013 10:26 AM, m.roth@5-cent.us wrote:
Just now, over lunch, it failed... until I restarted nscd. My manager tells me it's caching... but it seems to be caching momentary failures.
That could be coincidence. As far as I know, Firefox will not use nscd for hostname lookups. I confirmed Firefox using strace, but not others.
If edns0 changed your system's behavior, I would suspect that someone recently turned on DNSSEC, and it's not working correctly.
-
Cliff Pratt -
Gary Greene -
Gordon Messmer -
m.roth@5-cent.us -
Stephen Harris