[CentOS] Slow domain resolution problem

Mon Aug 23 13:48:05 UTC 2010
Giles Coochey <giles at coochey.net>

On Mon, August 23, 2010 15:43, Gabriel Tabares wrote:
> On 23/08/2010 13:28, Joseph L. Casale wrote:
>>> Both files are the default ones from CentOS:
>>>
>> So what do the host names look like that the application
>> attempts to resolve, fully qualified or not? What does your
>> cli based query look like?
>>
>>
>
> My resolv.conf is:
>
> search mydomain.com
> nameserver 10.3.2.2
>
> The hostname of the machines is set to a FQDN server.mydomain.com.
>
> The time it takes for the queries does not change whether we use the
> FQDN or just the hostname.
>
> See below for an example (I stopped the mail server so the connection
> was refused).
>

The problems can sometimes be caused by not having reverse-DNS records for
your hosts. Can you resolve to names (any name) from an IP address?
e.g. nslookup 10.2.9.2?

It doesn't matter if it doesn't resolve to the rigt name, just that it
resolves to something (and avoids the timeout)...

> #time telnet  md-mail02.mydomain.com 25
> (long wait)
> Trying 10.2.9.2...
> telnet: connect to address 10.2.9.2: Connection refused
> telnet: Unable to connect to remote host: Connection refused
>
> real    0m20.005s
> user    0m0.000s
> sys     0m0.005s
>
> #time telnet  md-mail02 25
> (long wait)
> Trying 10.2.9.2...
> telnet: connect to address 10.2.9.2: Connection refused
> telnet: Unable to connect to remote host: Connection refused
>
> real    0m10.004s
> user    0m0.001s
> sys     0m0.002s
>
> #time telnet  10.2.9.2 25
> (no wait)
> Trying 10.2.9.2...
> telnet: connect to address 10.2.9.2: Connection refused
> telnet: Unable to connect to remote host: Connection refused
>
> real    0m0.005s
> user    0m0.001s
> sys     0m0.002s
>
> Nslookup responds immediately:
>
> #time nslookup my-mail02.mydomain.com
> Server:         10.2.2.254
> Address:        10.2.2.254#53
>
> Non-authoritative answer:
> Name:   my-mail02.mydomain.com
> Address: 10.2.9.2
>
>
> real    0m0.006s
> user    0m0.003s
> sys     0m0.003s
>
> #time nslookup my-mail02
> Server:         10.2.2.254
> Address:        10.2.2.254#53
>
> Non-authoritative answer:
> Name:   my-mail02.mydomain.com
> Address: 10.2.9.2
>
>