[CentOS] Slow domain resolution problem

Wed Aug 25 17:21:28 UTC 2010
Keith Roberts <keith at karsites.net>

On Wed, 25 Aug 2010, Les Mikesell wrote:

> To: centos at centos.org
> From: Les Mikesell <lesmikesell at gmail.com>
> Subject: Re: [CentOS] Slow domain resolution problem
> 
> On 8/23/2010 10:08 AM, Gabriel Tabares wrote:
>>
>> One more thing, if this is the case, why does the nslookup respond
>> straight away? Is the destination server trying to somehow validate the
>> host where the connection came from?
>
> Some servers do, some don't.  The ones that do are often just trying to
> log a name instead of the connecting IP address so you might be able to
> reconfigure the servers.  It doesn't matter if this lookup fails as long
> as the response comes quickly.  But, your earlier post indicated that
> you only had a private DNS server.  If you request something it doesn't
> know, what happens?  Does it attempt to resolve from public servers that
> are firewalled?   And if so does the firewall block with an 'icmp
> denied' response or just silently drop the request or response?  In the
> latter case, the server and application are forced to wait for the timeout.
>
> In my opinion the 'right' solution to reverse-dns is to always make sure
> your own server responds to all the private address range zones and any
> public ranges you control even if you don't have complete or correct
> information for them.  No one else will either so you might as well not
> bother the upstream servers with queries caused by your bad configuration.
>
> --
>   Les Mikesell
>    lesmikesell at gmail.com

It might help identify the problem by installing and running 
wireshark:

[root]# yum info wireshark*

1683 packages excluded due to repository priority protections
Installed Packages
Name       : wireshark
Arch       : i386
Version    : 1.0.11
Release    : 1.el5_5.5
Size       : 40 M
Repo       : installed
Summary    : Network traffic analyzer
URL        : http://www.wireshark.org/
License    : GPL
Description: Wireshark is a network traffic analyzer for Unix-ish operating
            : systems.
            :
            : This package lays base for libpcap, a packet capture and filtering
            : library, contains command-line utilities, contains plugins and
            : documentation for wireshark. A graphical user interface is packaged
            : separately to GTK+ package.

Name       : wireshark-gnome
Arch       : i386
Version    : 1.0.11
Release    : 1.el5_5.5
Size       : 1.6 M
Repo       : installed
Summary    : Gnome desktop integration for wireshark and wireshark-usermode
URL        : http://www.wireshark.org/
License    : GPL
Description: Contains wireshark for Gnome 2 and desktop integration file

That should give you some clues as to what's happening.

Kind Regards,

Keith Roberts

-----------------------------------------------------------------
Websites:
http://www.php-debuggers.net
http://www.karsites.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with
TMDA [http://tmda.net]
-----------------------------------------------------------------
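
Following up on the capture suggested above and the silent-drop case Les describes, here is an added example (not part of the original messages) that pairs DNS queries with responses in a capture and reports the ones that stalled. The field export shown in the comment assumes a current tshark, and the sample rows, addresses and function names are constructed for illustration.

```python
import csv
from io import StringIO

# Constructed sample, in the shape produced by (assumed invocation):
#   tshark -r capture.pcap -Y dns -T fields -E separator=, \
#     -e frame.time_relative -e dns.id -e dns.flags.response -e dns.qry.name
SAMPLE = """\
0.000000,0x1a2b,0,www.example.com
0.012000,0x1a2b,1,www.example.com
1.500000,0x3c4d,0,25.1.168.192.in-addr.arpa
6.500000,0x3c4d,0,25.1.168.192.in-addr.arpa
11.500000,0x3c4d,0,25.1.168.192.in-addr.arpa
12.000000,0x5e6f,0,7.0.0.10.in-addr.arpa
12.900000,0x5e6f,1,7.0.0.10.in-addr.arpa
"""

def is_reverse(qname):
    """True for names in the reverse (PTR) zones."""
    return qname.endswith((".in-addr.arpa", ".ip6.arpa"))

def dns_stalls(text, slow_after=0.5):
    """Return (qname, attempts, latency) for slow or unanswered queries.

    latency is None when no response was captured (the silent-drop case).
    """
    pending = {}   # (dns id, qname) -> [time of first query, attempts]
    stalls = []
    for row in csv.reader(StringIO(text)):
        if len(row) != 4:
            continue                      # skip blank or malformed rows
        t, key = float(row[0]), (row[1], row[3].lower())
        if row[2].strip().lower() in ("1", "true"):   # response flag set
            first = pending.pop(key, None)
            if first and t - first[0] > slow_after:
                stalls.append((key[1], first[1], round(t - first[0], 3)))
        elif key in pending:
            pending[key][1] += 1          # same query sent again: a retry
        else:
            pending[key] = [t, 1]
    # Anything still pending never got an answer inside the capture.
    stalls += [(name, v[1], None) for (_, name), v in pending.items()]
    return stalls

if __name__ == "__main__":
    for name, attempts, latency in dns_stalls(SAMPLE):
        kind = "PTR" if is_reverse(name) else "fwd"
        state = "no response" if latency is None else f"{latency}s"
        print(f"{kind} {name}: {attempts} attempt(s), {state}")
```

A PTR name that shows several attempts and no response is the pattern to look for: the resolver is retrying into a drop, and the connecting application waits out each timeout.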