Slow DNS Lookup (and no IPv6-issue???) - Networking

This is a discussion on Slow DNS Lookup (and no IPv6-issue???) - Networking ; Hi, my dns lookups take several (~ 6-10) seconds every time. I tried a lot of things, but now I ran out of ideas. What I tried up to now is: - Deactivate IPv6: The most common advice about slow ...

+ Reply to Thread
Results 1 to 19 of 19

Thread: Slow DNS Lookup (and no IPv6-issue???)

  1. Slow DNS Lookup (and no IPv6-issue???)

    Hi,

    my dns lookups take several (~ 6-10) seconds every time. I tried a lot
    of things, but now I ran out of ideas. What I tried up to now is:
    - Deactivate IPv6: The most common advice about slow dns lookups
    didn't work in my case. IPv6 is already successfully deactivated (at
    least "lsmod | grep ipv6" claims that), but the problem continues.
    Also deactivation IPv6-lookups for certain programs (like firefox or
    ssh) doesn't help.
    - Use other nameservers: Changing the nameserver in /etc/resolv.conf
    to other ones didn't change anything as well. Besides, the original
    nameservers are working well on other systems!
    - Adding "option timeout:1" to or removing "domain ..." or
    "search ..." lines from the /etc/resolv.conf file: Also didn't help...

    Any further ideas?

    Thanks!
    Chris

    PS: Distro "Debian Lenny Amd64" out of the box, only ndiswrapper
    installed and WLAN configured

  2. Re: Slow DNS Lookup (and no IPv6-issue???)

    Hello,

    info@cheffestl.de a écrit :
    >
    > my dns lookups take several (~ 6-10) seconds every time. I tried a lot
    > of things, but now I ran out of ideas. [...]


    Are DNS queries using a DNS tool such as host, dig... slow too ?

    E.g. :
    $ host -t A www.google.com

    If not, it may be a problem in the local resolver setup (/etc/host.conf,
    /etc/nsswitch.conf).

  3. Re: Slow DNS Lookup (and no IPv6-issue???)

    On Sun, 6 Jul 2008 02:41:07 -0700 (PDT), info@cheffestl.de wrote:
    > Hi,
    >
    > my dns lookups take several (~ 6-10) seconds every time. I tried a lot
    > of things, but now I ran out of ideas. What I tried up to now is:
    >
    > Any further ideas?


    I can suggest dumping your configuration for us to look at.


    -------- standard debug network problem text/script follows: ------------
    dump_net.txt version 4.8


    If you read http://www.catb.org/~esr/faqs/smart-questions.html
    it will suggest you provide any information about your setup which might
    help troubleshoot your problem. Example, Internet connection type,
    (cable, adsl,,,), it's hardware, (vendor/model of the modem).
    Maybe that your system is hooked to a hub/switch/router and type of
    hookup, (Ethernet,usb, wireless,...), distribution, config file values,... .

    We need to know about your network hardware and see your config settings.

    Something does not start up, try
    dmesg
    and/or look through /var/log/messages for an error message.

    If your problem is slow network give a URL so we can try it.

    Once you get your network running, you may want to run xx one last time
    and save the output file for disk crash/new installs

    Might not hurt to save xx for one of a network debugging checklist steps.

    The following ambidextrous script is for suse, mandriva, ubuntu, kubuntu
    and will dump your hardware status, network settings and config files used
    in network setup. We need that information to troubleshoot your problem.

    If you are having to use windows to access Usenet:
    Format a diskette on the windows system.


    Copy the following xx.txt script into xx.txt using notepad.exe
    then save xx.txt to the diskette/cd/usb stick.

    To get the script results back to Windows and
    none of the above hardware works, you can use http://www.fs-driver.org/

    If you do not want some malware writing to linux. You can replace it
    with http://www.diskinternals.com/linux-reader/ which does not
    provide write access to linux.

    The above assumes you have not created a FAT partition to exchange
    files between OSs. If you did, copy dosa.txt to it from linux and read
    it from windows.

    I do recommend remove/un-installing the windows/linux file system
    driver after you get the linux network up.

    Makes your Windows Anti Virus scanner run much faster after removal.

    Also, if logged into windows, it would be nice to include your windows
    network settings. Click up a Prompt/cmd/terminal and add in contents from
    ipconfig /all
    when you reply with linux settings.


    If using linux for Usenet access, su - root, copy script text into xx
    chmod +x xx
    ./xx

    and include a.txt (if on linux) or dosa.txt (if on windows) in your reply.
    Do not attach it.

    NOTE: to become root, you need to do a
    su - root
    not su root

    For the suse, ubuntu, kubuntu users,
    sudo -i
    chmod +x xx
    ../xx

    exit will exit the sudo -i command.

    Do not change text formatting of the output file.
    If you want to hide something like domain name, use an editor to do a global
    substitution of .yourdomain.com to .invalid.com
    Do not worry about showing you LAN ip addresses because
    nobody is going to be able to connect to 198.162.x.x from the Internet.
    You dinking with ip addresses could hide the problem or send us off on a
    snipe hunt.

    If xx is not in your home directory, you will have to provide the full
    path in place of $HOME. Example:
    sudo -i
    chmod +x /some/where/xx
    /some/where/xx



    ------------------ Script starts below this line ---------
    #!/bin/bash
    #************************************************* ************
    #*
    #* xx - Dump network config files and network hardware status
    #*
    #* Output: a.txt is the linux file
    #* dosa.txt is the Windows file
    #*
    #************************************************* ************

    _fn=a.txt
    _out_fn=$PWD/$_fn
    _dos_fn=$PWD/dos${_fn}
    _home=$PWD

    function cat_fn
    {
    _fn=$1
    if [ -f $_fn ] ; then
    _count=$(stat -c %s $_fn )
    if [ $_count -gt 0 ] ; then
    echo "=== cat $_fn ====" >> $_out_fn
    cat $_fn >> $_out_fn
    fi
    fi
    } # end cat_fn

    function grep_fn
    {
    _fn=$1
    if [ -e $_fn ] ; then
    _count=$(stat -c %s $_fn )
    if [ $_count -gt 0 ] ; then
    _count=$(grep -v '^#' $_fn | wc -l)
    if [ $_count -gt 0 ] ; then
    echo "======== grep -v '^#' $_fn ==========" >> $_out_fn
    if [ "$_fn" != "shorewall.conf" ] ; then
    grep -v '^#' $_fn >> $_out_fn
    else
    awk 'empty{if (!/^#/) print; empty=0} /^$/{empty=1}' $_fn >> $_out_fn
    fi
    fi
    fi
    fi
    } # end grep_fn

    function ls_dir
    {
    _dr=$1
    if [ -d $_dr ] ; then
    echo "========= cd $_dr ; ls -al ========" >> $_out_fn
    cd $_dr
    ls -al >> $_out_fn
    fi
    } # end ls_dir

    function tail_fn
    {
    _fn=$1
    if [ -e $_fn ] ; then
    echo "======== tail -18 $_fn ==========" >> $_out_fn
    tail -18 $_fn >> $_out_fn
    fi
    } # end tail_fn

    #********************************
    # check if commands are in $PATH
    # and if not add them to PATH
    #********************************

    _path=""
    type ifconfig > /dev/null 2>&1
    if [ $? -ne 0 ] ; then
    _path="${_path}/sbin:"
    fi

    type cat > /dev/null 2>&1
    if [ $? -ne 0 ] ; then
    _path="${_path}/bin:"
    fi

    type id > /dev/null 2>&1
    if [ $? -ne 0 ] ; then
    _path="${_path}/usr/bin:"
    fi

    if [ -n "$_path" ] ; then
    PATH=${_path}$PATH
    export PATH
    fi

    #*****************************************
    # check if root and logged in correctly
    #*****************************************

    _uid=$(id --user)

    if [ $_uid -ne 0 ] ; then
    echo " "
    echo "You need to be root to run $0"
    echo "Click up a terminal and do the following:"
    echo " "
    echo "su - root"
    echo "$PWD/xx"
    echo " "
    echo "or "
    echo " "
    echo "sudo -i"
    echo "$PWD/xx"
    echo " "
    exit 1
    fi

    root_flg=1

    if [ -n "$LOGNAME" ] ; then
    if [ "$LOGNAME" != "root" ] ; then
    root_flg=0
    fi
    fi

    if [ -n "$USER" ] ; then
    if [ "$USER" != "root" ] ; then
    root_flg=0
    fi
    fi

    if [ $root_flg -eq 0 ] ; then
    echo " "
    echo "Guessing you did a su root"
    echo "instead of a su - root"
    echo "please exit/logout of this session and do the following:"
    echo " "
    echo "su - root"
    echo "$PWD/xx"
    echo " "
    echo "or "
    echo " "
    echo "sudo -i"
    echo "$PWD/xx"
    echo " "
    exit 1
    fi


    #********************************
    # main code starts here
    #********************************


    echo "Working, output will be in $_out_fn "

    date > $_out_fn
    chmod 666 $_out_fn

    if [ -n "$_path" ] ; then
    echo "======== echo $PATH ==========" >> $_out_fn
    echo "$PATH" >> $_out_fn 2>&1
    fi


    type lsb_release > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    cat_fn /etc/release
    echo "======== lsb_release -a ==========" >> $_out_fn
    lsb_release -a >> $_out_fn 2>&1
    else

    for _d in /etc/*release ; do
    if [ ! -d $_d ] ; then
    echo "======== cat $_d ==========" >> $_out_fn
    cat $_d >> $_out_fn
    fi
    done

    for _d in /etc/*version ; do
    if [ ! -d $_d ] ; then
    echo "======== cat $_d ==========" >> $_out_fn
    cat $_d >> $_out_fn
    fi
    done

    cat_fn /proc/*version

    fi



    echo "======== uname -rvi =============" >> $_out_fn
    uname -rvi >> $_out_fn

    echo " " >> $_out_fn
    if [ -n "$SECURE_LEVEL" ] ; then
    echo "msec security level is $SECURE_LEVEL" >> $_out_fn
    fi

    echo "
    $(grep 'model name' /proc/cpuinfo)
    $(grep 'cpu MHz' /proc/cpuinfo)

    " >> $_out_fn

    cat_fn /etc/urpmi/urpmi.cfg

    echo "======== free ==========" >> $_out_fn
    free >> $_out_fn 2>&1
    echo " " >> $_out_fn

    if [ -e /etc/inittab ] ; then
    _line=$(grep :initdefault /etc/inittab)
    set -- $(IFS=':'; echo $_line)
    echo " " >> $_out_fn
    echo "Default run level is $2" >> $_out_fn
    echo " " >> $_out_fn
    fi

    type chkconfig > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    echo "======== chkconfig --list ==========" >> $_out_fn
    for _serv in avahi named tmdns ; do
    chkconfig --list | grep -i $_serv > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    echo "Double check if /$_serv/ needs to be disabled on boot" >> $_out_fn
    chkconfig --list | grep -i $_serv >> $_out_fn
    fi
    done

    chkconfig --list >> $_out_fn

    else
    echo "======== ls -o /etc/rcS.d/ ==========" >> $_out_fn
    for _serv in avahi named tmdns ; do
    ls /etc/rcS.d/S* | grep $_serv > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    echo "Double check if /$_serv/ needs to be disabled on boot" >> $_out_fn
    fi
    done

    ls -o /etc/rcS.d >> $_out_fn
    fi

    _fn=/etc/nsswitch.conf
    if [ -e $_fn ] ; then
    echo "======== grep hosts: $_fn ==========" >> $_out_fn
    grep hosts: $_fn >> $_out_fn
    fi

    grep_fn /etc/resolv.conf

    grep_fn /etc/resolvconf/resolv.conf.d/head
    cat_fn /etc/resolvconf/resolv.conf.d/base
    cat_fn /etc/resolvconf/resolv.conf.d/tail


    echo "======== hostname --fqdn ==========" >> $_out_fn
    hostname --fqdn >> $_out_fn

    cat_fn /etc/netprofile/profiles/default/files/etc/hosts
    cat_fn /etc/hostname
    cat_fn /etc/HOSTNAME

    ls /etc/mod*.conf > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    echo "======== grep eth /etc/mod*.conf ==========" >> $_out_fn
    grep -i eth /etc/mod*.conf >> $_out_fn
    fi

    if [ -e /etc/modprobe.conf ] ; then
    echo "======== cat /etc/modprobe.conf ==========" >> $_out_fn
    cat /etc/modprobe.conf >> $_out_fn
    fi

    cat_fn /etc/dhclient-enter-hooks
    cat_fn /etc/dhclient-exit-hooks

    grep_fn /etc/host.conf

    echo "================ ifconfig -a ==============" >> $_out_fn
    ifconfig -a >> $_out_fn

    cat_fn /etc/iftab
    cat_fn /etc/udev/rules.d/61-net_config.rules

    echo "============== route -n =================" >> $_out_fn
    route -n >> $_out_fn

    cat_fn /etc/sysconfig/network/routes

    cat_fn /etc/sysconfig/network
    grep_fn /etc/mkinitramfs/initramfs.conf

    echo "========== head -15 /etc/hosts ===========" >> $_out_fn
    head -15 /etc/hosts >> $_out_fn

    cat_fn /etc/network/interfaces
    cat_fn /var/run/network/ifstate
    cat_fn /etc/dhclient.conf

    if [ -e /etc/ifplugd/ifplugd.conf ] ; then
    echo "========== grep -v '^#' /etc/ifplugd/ifplugd.conf ========" >> $_out_fn
    grep -v '^#' /etc/ifplugd/ifplugd.conf >> $_out_fn
    fi


    ethtool_flg=0
    type ethtool > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    ethtool_flg=1
    fi

    mii_tool_flg=0
    type mii-tool > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    mii_tool_flg=1
    fi

    for _dir in /etc/sysconfig/network-scripts \
    /etc/sysconfig/networking/devices \
    /etc/sysconfig/networking/profiles/default
    do
    if [ -d $_dir ] ; then
    _cnt=$(ls $_dir/ifcfg-eth* 2> /dev/null | wc -w )
    if [ $_cnt -gt 0 ] ; then
    echo "========== ls $_dir/ifcfg-eth* ===" >> $_out_fn
    ls $_dir/ifcfg-eth* >> $_out_fn
    fi
    fi
    done

    for nic in 0 1 2 3 ; do

    if [ $mii_tool_flg -eq 1 ] ; then
    mii-tool -v eth$nic > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    echo "======== mii-tool -v eth$nic ==========" >> $_out_fn
    mii-tool -v eth$nic >> $_out_fn
    fi
    fi

    if [ $ethtool_flg -eq 1 ] ; then
    ethtool eth$nic > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    echo "======== ethtool eth$nic ==========" >> $_out_fn
    ethtool eth$nic >> $_out_fn
    fi
    fi

    echo "=== dmesg | grep eth$nic | grep -v SRC= ===" >> $_out_fn
    dmesg | grep eth$nic | grep -v SRC= >> $_out_fn

    echo "=== grep eth$nic /var/log/messages | tail -10 ===" >> $_out_fn
    grep eth$nic /var/log/messages | tail -10 >> $_out_fn

    cat_fn /etc/sysconfig/network-scripts/ifcfg-eth$nic
    cat_fn /etc/sysconfig/networking/devices/ifcfg-eth$nic
    cat_fn /etc/sysconfig/networking/profiles/default/ifcfg-eth$nic

    ifconfig eth$nic > /dev/null 2>&1
    if [ $? -eq 0 ] ; then
    set $(ifconfig eth$nic | tr [A-Z] [a-z])
    cat_fn /etc/sysconfig/network/ifcfg-eth-id-$5
    fi

    tail_fn /var/lib/dhcp/dhclient-eth${nic}.leases
    tail_fn /var/lib/dhclient/dhclient-eth${nic}.leases
    tail_fn /etc/dhcpc/dhcpcd-eth${nic}.info

    done # end for nic in 0 1 2 3 ; do


    _dir=/etc/NetworkManager/dispatcher.d
    if [ -d $_dir ] ; then
    ls_dir $_dir

    for _d in "if-up.d" "if-down.d" "if-pre-up.d" "if-post-down.d" ; do
    if [ -e /etc/network/${_d} ] ; then
    echo "==== cd /etc/network/${_d} ; ls -al ===" >> $_out_fn
    cd /etc/network/${_d}
    ls -al >> $_out_fn
    fi
    done
    fi

    if [ -d /etc/sysconfig/network-scripts ] ; then
    for _d in "ifdown.d" "ifup.d" ; do
    if [ -e /etc/sysconfig/network-scripts/${_d} ] ; then
    _cmd="cd /etc/sysconfig/network-scripts/${_d} ; ls -al "
    echo "===== $_cmd ====" >> $_out_fn
    cd /etc/sysconfig/network-scripts/${_d}
    ls -al >> $_out_fn
    fi
    done
    fi

    ls_dir /etc/dhcp3/dhclient-exit-hooks.d
    ls_dir /etc/resolvconf/update.d


    if [ -d /etc/shorewall ] ; then
    _count=$(chkconfig --list shorewall | grep -c n )
    if [ $_count -gt 0 ] ; then
    echo "======= Shorewall settings =========" >> $_out_fn
    cd /etc/shorewall
    for _f in $(ls) ; do
    echo "======= $_f =========" >> $_out_fn
    grep_fn $_f
    done
    fi
    fi


    cd $_home

    grep_fn /etc/hosts.allow
    grep_fn /etc/hosts.deny
    echo "==== end of config/network data dump =======" >> $_out_fn

    awk '{print $0 "\r" }' $_out_fn > $_dos_fn
    chmod 666 $_dos_fn


    echo " "
    echo "If posting via linux, post contents of $_out_fn"
    echo "You might want to copy it to your account with the command"
    echo "cp $_out_fn ~your_login"
    echo " "
    echo "If posting via windows, post contents of $_dos_fn"
    echo " "
    echo "If using diskette,"
    echo "Copy $_dos_fn to diskette with the following commands:"
    echo " "
    echo "mkdir -p /floppy"
    echo "mount -t auto /dev/fd0 /floppy"
    echo "cp $_dos_fn /floppy"
    echo "umount /floppy "
    echo " "
    echo "and $_dos_fn is ready for windows from diskette"
    echo " "

    #*********** end of dump xx.txt script *********

    ----------- script ends above this line ------------------------

    and then copy xx.txt to the diskette.

    On some linux distributions, you may need to get into the User/Group
    screen, show all users, double click root, create the password, and
    enable root. Root's password should never be the same as anyone else's.

    To move xx.txt from diskette to the linux box, click up a linux terminal
    su - root
    (root's passwd)

    mkdir -p /floppy
    mount -t auto /dev/fd0 /floppy
    tr -d '\015' < /floppy/xx.txt > xx
    chmod +x xx
    ../xx

    Back on the windows OS, you can cut/paste the a:\dosa.txt into your reply
    under windows.
    Do not attach it.

    When you do reply, please remove/trim my response/text/script from your reply
    before you add in the results/output of the script.

    If you are dual booting the box, you can copy xx.txt to linux from windows.
    Note: The following assumes /dev/hda1 is where windows is installed on the
    first partition on the C: drive
    If you have sata drive, you may have to use /dev/sda1 instead of /dev/hda1.

    cat /etc/fstab to see which value will be required.
    Do keep quotes used in the following:
    mkdir -p /doze
    mount -t auto /dev/hda1 /doze
    tr -d '\015' < "/doze/wherever/you_saved/xx.txt" > xx
    umount /doze


    On windows you can read dosa.txt from a linux partition if you installed
    windows linux file system driver from
    http://uranus.it.swin.edu.au/~jn/linux/explore2fs.htm

    Remember to remove/uninstall it to allow your Windows Anti Virus
    scanner to run faster.

  4. Re: Slow DNS Lookup (and no IPv6-issue???)

    Hi,

    thanks for your answers!

    Yes, the problem also occurs for "dig" and "host".

    And here the result of the network-config-dump-script:



    Sun Jul 6 16:30:05 CEST 2008
    ======== lsb_release -a ==========
    No LSB modules are available.
    Distributor ID: Debian
    Description: Debian GNU/Linux testing (lenny)
    Release: testing
    Codename: lenny
    ======== uname -rvi =============
    2.6.24-1-amd64 #1 SMP Sat May 10 09:28:10 UTC 2008 unknown


    model name : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz
    model name : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz
    cpu MHz : 1833.000
    cpu MHz : 1833.000


    ======== free ==========
    total used free shared buffers
    cached
    Mem: 4049424 579548 3469876 0 19504
    219756
    -/+ buffers/cache: 340288 3709136
    Swap: 9767448 0 9767448


    Default run level is 2

    ======== ls -o /etc/rcS.d/ ==========
    total 4
    -rw-r--r-- 1 root 783 2007-12-23 12:04 README
    lrwxrwxrwx 1 root 18 2008-06-22 23:44 S01glibc.sh -> ../init.d/
    glibc.sh
    lrwxrwxrwx 1 root 21 2008-06-22 23:44 S02hostname.sh -> ../init.d/
    hostname.sh
    lrwxrwxrwx 1 root 24 2008-06-22 23:44 S02mountkernfs.sh -> ../init.d/
    mountkernfs.sh
    lrwxrwxrwx 1 root 14 2008-06-22 23:48 S03udev -> ../init.d/udev
    lrwxrwxrwx 1 root 16 2008-07-05 21:53 S04dmraid -> ../init.d/dmraid
    lrwxrwxrwx 1 root 26 2008-06-22 23:44 S04mountdevsubfs.sh -> ../
    init.d/mountdevsubfs.sh
    lrwxrwxrwx 1 root 18 2008-06-22 23:44 S05bootlogd -> ../init.d/
    bootlogd
    lrwxrwxrwx 1 root 19 2008-06-22 23:45 S05keymap.sh -> ../init.d/
    keymap.sh
    lrwxrwxrwx 1 root 16 2008-06-23 00:12 S07hdparm -> ../init.d/hdparm
    lrwxrwxrwx 1 root 25 2008-06-22 23:44 S08hwclockfirst.sh -> ../init.d/
    hwclockfirst.sh
    lrwxrwxrwx 1 root 22 2008-06-22 23:44 S10checkroot.sh -> ../init.d/
    checkroot.sh
    lrwxrwxrwx 1 root 20 2008-06-22 23:44 S11hwclock.sh -> ../init.d/
    hwclock.sh
    lrwxrwxrwx 1 root 17 2008-06-22 23:44 S12mtab.sh -> ../init.d/mtab.sh
    lrwxrwxrwx 1 root 24 2008-06-22 23:44 S18ifupdown-clean -> ../init.d/
    ifupdown-clean
    lrwxrwxrwx 1 root 27 2008-06-22 23:44 S20module-init-tools -> ../
    init.d/module-init-tools
    lrwxrwxrwx 1 root 25 2008-06-23 00:13 S20policycoreutils -> ../init.d/
    policycoreutils
    lrwxrwxrwx 1 root 26 2008-07-05 21:00 S26cryptdisks-early -> ../
    init.d/cryptdisks-early
    lrwxrwxrwx 1 root 22 2008-07-05 21:47 S28checkfs-loop -> ../init.d/
    checkfs-loop
    lrwxrwxrwx 1 root 20 2008-07-05 21:00 S28cryptdisks -> ../init.d/
    cryptdisks
    lrwxrwxrwx 1 root 20 2008-06-22 23:44 S30checkfs.sh -> ../init.d/
    checkfs.sh
    lrwxrwxrwx 1 root 16 2008-06-22 23:44 S30procps -> ../init.d/procps
    lrwxrwxrwx 1 root 19 2008-06-23 00:14 S31hibernate -> ../init.d/
    hibernate
    lrwxrwxrwx 1 root 21 2008-06-22 23:44 S35mountall.sh -> ../init.d/
    mountall.sh
    lrwxrwxrwx 1 root 31 2008-06-22 23:44 S36mountall-bootclean.sh -> ../
    init.d/mountall-bootclean.sh
    lrwxrwxrwx 1 root 19 2008-06-22 23:48 S36udev-mtab -> ../init.d/udev-
    mtab
    lrwxrwxrwx 1 root 26 2008-06-22 23:44 S37mountoverflowtmp -> ../
    init.d/mountoverflowtmp
    lrwxrwxrwx 1 root 18 2008-06-22 23:45 S38pppd-dns -> ../init.d/pppd-
    dns
    lrwxrwxrwx 1 root 18 2008-06-22 23:44 S39ifupdown -> ../init.d/
    ifupdown
    lrwxrwxrwx 1 root 20 2008-06-22 23:44 S40networking -> ../init.d/
    networking
    lrwxrwxrwx 1 root 21 2008-06-23 00:14 S40pcmciautils -> ../init.d/
    pcmciautils
    lrwxrwxrwx 1 root 17 2008-06-23 00:13 S43portmap -> ../init.d/portmap
    lrwxrwxrwx 1 root 20 2008-06-23 00:13 S44nfs-common -> ../init.d/nfs-
    common
    lrwxrwxrwx 1 root 21 2008-06-22 23:44 S45mountnfs.sh -> ../init.d/
    mountnfs.sh
    lrwxrwxrwx 1 root 31 2008-06-22 23:44 S46mountnfs-bootclean.sh -> ../
    init.d/mountnfs-bootclean.sh
    lrwxrwxrwx 1 root 27 2008-06-22 23:45 S48console-screen.sh -> ../
    init.d/console-screen.sh
    lrwxrwxrwx 1 root 20 2008-06-23 00:14 S50alsa-utils -> ../init.d/alsa-
    utils
    lrwxrwxrwx 1 root 21 2008-06-22 23:44 S55bootmisc.sh -> ../init.d/
    bootmisc.sh
    lrwxrwxrwx 1 root 17 2008-06-22 23:44 S55urandom -> ../init.d/urandom
    lrwxrwxrwx 1 root 20 2008-06-23 00:06 S70x11-common -> ../init.d/x11-
    common
    lrwxrwxrwx 1 root 14 2008-06-23 00:14 S75sudo -> ../init.d/sudo
    lrwxrwxrwx 1 root 30 2008-06-22 23:44 S99stop-bootlogd-single -> ../
    init.d/stop-bootlogd-single
    ======== grep hosts: /etc/nsswitch.conf ==========
    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
    ======== grep -v '^#' /etc/resolv.conf ==========
    domain local.lan
    search local.lan
    nameserver 80.58.61.250
    nameserver 80.58.61.254
    ======== hostname --fqdn ==========
    basil
    === cat /etc/hostname ====
    basil
    ======== grep -v '^#' /etc/host.conf ==========
    multi on
    ================ ifconfig -a ==============
    eth0 Link encap:Ethernet HWaddr 00:1d:09:60:e1:91
    UP BROADCAST MULTICAST MTU:1500 Metric:1
    RX packets:51 errors:0 dropped:0 overruns:0 frame:0
    TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:6233 (6.0 KiB) TX bytes:20075 (19.6 KiB)
    Interrupt:16

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    UP LOOPBACK RUNNING MTU:16436 Metric:1
    RX packets:10 errors:0 dropped:0 overruns:0 frame:0
    TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:750 (750.0 B) TX bytes:750 (750.0 B)

    wlan0 Link encap:Ethernet HWaddr 00:1f:e1:68:2d:cf
    inet addr:192.168.1.35 Bcast:192.168.1.255 Mask:
    255.255.255.0
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:21848 errors:0 dropped:0 overruns:0 frame:0
    TX packets:12005 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:30446770 (29.0 MiB) TX bytes:994738 (971.4 KiB)
    Interrupt:17 Memory:fe7fc000-fe800000

    ============== route -n =================
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref
    Use Iface
    192.168.1.0 0.0.0.0 255.255.255.0 U 0 0
    0 wlan0
    169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0
    0 wlan0
    0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0
    0 wlan0
    ========== head -15 /etc/hosts ===========
    127.0.0.1 localhost
    127.0.1.1 basil

    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
    === cat /etc/network/interfaces ====
    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).

    # The loopback network interface
    auto lo
    iface lo inet loopback

    iface wlan0 inet dhcp
    wireless-key s:REMOVED_FOR_POSTING open
    wireless-essid WLAN_80

    auto wlan0

    #iface eth0 inet dhcp

    #auto eth0
    ======== mii-tool -v eth0 ==========
    eth0: no link
    product info: vendor 00:50:43, model 38 rev 0
    basic mode: autonegotiation enabled
    basic status: no link
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-
    control
    === dmesg | grep eth0 | grep -v SRC= ===
    sky2 eth0: addr 00:1d:09:60:e1:91
    sky2 eth0: enabling interface
    sky2 eth0: disabling interface
    sky2 eth0: enabling interface
    sky2 eth0: disabling interface
    sky2 eth0: enabling interface
    sky2 eth0: disabling interface
    sky2 eth0: enabling interface
    sky2 eth0: Link is up at 100 Mbps, full duplex, flow control rx
    sky2 eth0: disabling interface
    sky2 eth0: enabling interface
    sky2 eth0: Link is up at 100 Mbps, full duplex, flow control rx
    sky2 eth0: Link is down.
    === grep eth0 /var/log/messages | tail -10 ===
    Jul 6 16:20:43 basil dhcdbd: message_handler: message handler not
    found under /com/redhat/dhcp/eth0 for sub-path
    eth0.dbus.get.interface_mtu
    Jul 6 16:20:43 basil kernel: sky2 eth0: disabling interface
    Jul 6 16:20:43 basil kernel: sky2 eth0: enabling interface
    Jul 6 16:20:45 basil kernel: sky2 eth0: Link is up at 100 Mbps, full
    duplex, flow control rx
    Jul 6 16:20:52 basil dhcdbd: message_handler: message handler not
    found under /com/redhat/dhcp/eth0 for sub-path eth0.dbus.get.host_name
    Jul 6 16:20:52 basil dhcdbd: message_handler: message handler not
    found under /com/redhat/dhcp/eth0 for sub-path
    eth0.dbus.get.domain_search
    Jul 6 16:20:52 basil dhcdbd: message_handler: message handler not
    found under /com/redhat/dhcp/eth0 for sub-path
    eth0.dbus.get.nis_domain
    Jul 6 16:20:52 basil dhcdbd: message_handler: message handler not
    found under /com/redhat/dhcp/eth0 for sub-path
    eth0.dbus.get.nis_servers
    Jul 6 16:20:52 basil dhcdbd: message_handler: message handler not
    found under /com/redhat/dhcp/eth0 for sub-path
    eth0.dbus.get.interface_mtu
    Jul 6 16:23:35 basil kernel: sky2 eth0: Link is down.
    === dmesg | grep eth1 | grep -v SRC= ===
    === grep eth1 /var/log/messages | tail -10 ===
    === dmesg | grep eth2 | grep -v SRC= ===
    === grep eth2 /var/log/messages | tail -10 ===
    === dmesg | grep eth3 | grep -v SRC= ===
    === grep eth3 /var/log/messages | tail -10 ===
    ========= cd /etc/NetworkManager/dispatcher.d ; ls -al ========
    total 12
    drwxr-xr-x 2 root root 4096 2008-06-23 00:14 .
    drwxr-xr-x 3 root root 4096 2008-06-23 00:08 ..
    -rwxr-xr-x 1 root root 874 2008-04-03 04:13 01ifupdown
    ==== cd /etc/network/if-up.d ; ls -al ===
    total 28
    drwxr-xr-x 2 root root 4096 2008-07-05 22:10 .
    drwxr-xr-x 7 root root 4096 2008-07-06 16:25 ..
    -rwxr-xr-x 1 root root 886 2008-04-05 12:24 avahi-autoipd
    -rwxr-xr-x 1 root root 504 2008-04-05 12:24 avahi-daemon
    -rwxr-xr-x 1 root root 4297 2008-04-12 09:52 mountnfs
    -rwxr-xr-x 1 root root 94 2008-01-20 12:21 openntpd
    lrwxrwxrwx 1 root root 32 2008-06-23 00:16 wpasupplicant -> ../../
    wpa_supplicant/ifupdown.sh
    ==== cd /etc/network/if-down.d ; ls -al ===
    total 12
    drwxr-xr-x 2 root root 4096 2008-06-23 00:16 .
    drwxr-xr-x 7 root root 4096 2008-07-06 16:25 ..
    -rwxr-xr-x 1 root root 979 2008-04-05 12:24 avahi-autoipd
    lrwxrwxrwx 1 root root 32 2008-06-23 00:16 wpasupplicant -> ../../
    wpa_supplicant/ifupdown.sh
    ==== cd /etc/network/if-pre-up.d ; ls -al ===
    total 12
    drwxr-xr-x 2 root root 4096 2008-06-23 00:16 .
    drwxr-xr-x 7 root root 4096 2008-07-06 16:25 ..
    -rwxr-xr-x 1 root root 2280 2007-10-15 11:04 wireless-tools
    lrwxrwxrwx 1 root root 32 2008-06-23 00:16 wpasupplicant -> ../../
    wpa_supplicant/ifupdown.sh
    ==== cd /etc/network/if-post-down.d ; ls -al ===
    total 12
    drwxr-xr-x 2 root root 4096 2008-06-23 00:16 .
    drwxr-xr-x 7 root root 4096 2008-07-06 16:25 ..
    lrwxrwxrwx 1 root root 23 2008-06-23 00:11 avahi-daemon -> ../if-
    up.d/avahi-daemon
    -rwxr-xr-x 1 root root 997 2007-10-15 11:04 wireless-tools
    lrwxrwxrwx 1 root root 32 2008-06-23 00:16 wpasupplicant -> ../../
    wpa_supplicant/ifupdown.sh
    ========= cd /etc/dhcp3/dhclient-exit-hooks.d ; ls -al ========
    total 20
    drwxr-xr-x 2 root root 4096 2008-06-23 00:16 .
    drwxr-xr-x 4 root root 4096 2008-06-23 00:16 ..
    -rw-r--r-- 1 root root 1024 2008-03-11 22:08 debug
    -rw-r--r-- 1 root root 333 2008-04-06 16:23 dhcdbd
    -rwxr-xr-x 1 root root 1097 2008-04-05 12:24 zzz_avahi-autoipd
    ======== grep -v '^#' /etc/hosts.deny ==========

    ==== end of config/network data dump =======


    Thanks a lot!

  5. Re: Slow DNS Lookup (and no IPv6-issue???)

    On Sun, 6 Jul 2008 07:40:35 -0700 (PDT), info@cheffestl.de wrote:

    > ======== lsb_release -a ==========
    > Distributor ID: Debian


    First off, I have no experience with Debian or wireless.

    > ======== grep hosts: /etc/nsswitch.conf ==========
    > hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4


    I would change that to
    hosts: files dns



    > ======== grep -v '^#' /etc/resolv.conf ==========
    > domain local.lan
    > search local.lan
    > nameserver 80.58.61.250
    > nameserver 80.58.61.254


    Snippet from
    man resolv.conf

    domain Local domain name.
    Most queries for names within this domain can use short names
    relative to the local domain. If no domain entry is present,
    the domain is determined from the local host name returned by
    gethostname(3); the domain part is taken to be everything
    after the first '.'. Finally, if the host name does not con‐
    tain a domain part, the root domain is assumed.

    search Search list for host-name lookup
    The search list is normally determined from the local domain
    name; by default, it contains only the local domain name.
    This may be changed by listing the desired domain search path
    following the search keyword with spaces or tabs separating
    the names. Resolver queries having fewer than ndots dots
    (default is 1) in them will be attempted using each component
    of the search path in turn until a match is found. For envi‐
    ronments with multiple subdomains please read options ndots:n
    below to avoid man-in-the-middle attacks and unnecessary traf‐
    fic for the root-dns-servers. Note that this process may be
    slow and will generate a lot of network traffic if the servers
    for the listed domains are not local, and that queries will
    time out if no server is available for one of the domains.



    > ======== hostname --fqdn ==========
    > basil
    > === cat /etc/hostname ====
    > basil


    Just a FYI,
    Some applications like to have a FQDN for a node name.
    Guessing yours should have been basil.local.lan

    I would suggest something like
    basil.local.invalid or
    basil.local.test
    just in case any email escapes your machine.

    See http://www.rfc-editor.org/rfc/rfc2606.txt
    2. TLDs for Testing, & Documentation Examples

    I suggest a reboot anytime you change hostname.

    > ======== grep -v '^#' /etc/host.conf ==========
    > multi on


    No idea about Debian, but on Mandriva Linux I have

    $ grep -v '^#' /etc/host.conf
    order hosts,bind
    multi on

    I would have expected yours to have the "order" line


    > ================ ifconfig -a ==============
    > eth0 Link encap:Ethernet HWaddr 00:1d:09:60:e1:91
    > UP BROADCAST MULTICAST MTU:1500 Metric:1
    > RX packets:51 errors:0 dropped:0 overruns:0 frame:0
    > TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
    > collisions:0 txqueuelen:1000
    > RX bytes:6233 (6.0 KiB) TX bytes:20075 (19.6 KiB)
    > Interrupt:16
    >
    >
    > wlan0 Link encap:Ethernet HWaddr 00:1f:e1:68:2d:cf
    > inet addr:192.168.1.35 Bcast:192.168.1.255 Mask:
    > 255.255.255.0
    > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    > RX packets:21848 errors:0 dropped:0 overruns:0 frame:0
    > TX packets:12005 errors:0 dropped:0 overruns:0 carrier:0
    > collisions:0 txqueuelen:1000
    > RX bytes:30446770 (29.0 MiB) TX bytes:994738 (971.4 KiB)
    > Interrupt:17 Memory:fe7fc000-fe800000
    >
    > ============== route -n =================
    > Kernel IP routing table
    > Destination Gateway Genmask Flags Metric Ref Use Iface
    > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
    > 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
    > 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0


    Hmm, no idea why you have eth0 tx/rx bytes and no routing for eth0



    > ========== head -15 /etc/hosts ===========
    > 127.0.0.1 localhost
    > 127.0.1.1 basil


    I would make it
    127.0.1.1 basil.local.lan basil


    > === cat /etc/network/interfaces ====
    > # This file describes the network interfaces available on your system
    > # and how to activate them. For more information, see interfaces(5).
    >
    > # The loopback network interface
    > auto lo
    > iface lo inet loopback
    >
    > iface wlan0 inet dhcp
    > wireless-key s:REMOVED_FOR_POSTING open
    > wireless-essid WLAN_80
    >
    > auto wlan0
    >
    > #iface eth0 inet dhcp
    >
    > #auto eth0


    > ========= cd /etc/NetworkManager/dispatcher.d ; ls -al ========
    > total 12
    > drwxr-xr-x 2 root root 4096 2008-06-23 00:14 .
    > drwxr-xr-x 3 root root 4096 2008-06-23 00:08 ..
    > -rwxr-xr-x 1 root root 874 2008-04-03 04:13 01ifupdown
    > ==== cd /etc/network/if-up.d ; ls -al ===
    > total 28
    > drwxr-xr-x 2 root root 4096 2008-07-05 22:10 .
    > drwxr-xr-x 7 root root 4096 2008-07-06 16:25 ..
    > -rwxr-xr-x 1 root root 886 2008-04-05 12:24 avahi-autoipd
    > -rwxr-xr-x 1 root root 504 2008-04-05 12:24 avahi-daemon



    Ok, I would disable any avahi* daemon/services if running.


    > Thanks a lot!


    The only config files that might cause your problem that I saw were
    /etc/nsswitch.conf
    /etc/host.conf

    I have no idea how to disable avahi-* scripts on Debian.
    Those may be what are causing the problems.

  6. Re: Slow DNS Lookup (and no IPv6-issue???)

    info@cheffestl.de a écrit :
    >
    > Yes, the problem also occurs for "dig" and "host".


    With the nameservers in resolv.conf which work well on other systems ?
    Then my advice is do not waste time with the resolver setup because dig
    and host ignore it, they just use the nameservers listed in resolv.conf.
    It may help to start your favourite packet sniffer and see what happens
    on the wire when using dig or host.

  7. Re: Slow DNS Lookup (and no IPv6-issue???)

    I installed wireshark and did some analysis, what was going on, when I
    tried to connect to some server, for example google.com:80. It looked
    always like this:

    0s : Query AAAA google.com
    2s : Query AAAA google.com
    4s : Query AAAA google.com
    4.01s : Response AAAA google.com
    4.02s : Query AAAA google.com.local.lan
    6s : Query AAAA google.com.local.lan
    8s : Query AAAA google.com.local.lan
    8.01s : Response AAAA google.com.local.lan : No such name
    8.02s : Query A google.com
    10s : Query A google.com
    12s : Query A google.com
    12.01s : Response AAAA google.com : 72.14.207.99
    12.02s : TCP SYN to 72.14.207.99:80
    ....

    About this result 2 interesting questions arise:
    - Why does every query have to be done 3 times until a response is
    received???
    - Why are there still AAAA-queries, if the ipv6-kernel-module is not
    loaded ("lsmod | grep ipv6" gives empty output!)?

    If i use explicit IPv4 like by typing "ssh -4" or "telnet -4" or as
    well with "dig google.com", there are no more AAAA queries. But the
    time-consuming drop of the first queries is still holding on and
    annoying! What can cause such a behaviour???

  8. Re: Slow DNS Lookup (and no IPv6-issue???)

    info@cheffestl.de wrote:

    > I installed wireshark and did some analysis, what was going on, when I
    > tried to connect to some server, for example google.com:80. It looked
    > always like this:
    >
    > 0s : Query AAAA google.com
    > 2s : Query AAAA google.com
    > 4s : Query AAAA google.com
    > 4.01s : Response AAAA google.com
    > 4.02s : Query AAAA google.com.local.lan
    > 6s : Query AAAA google.com.local.lan
    > 8s : Query AAAA google.com.local.lan
    > 8.01s : Response AAAA google.com.local.lan : No such name
    > 8.02s : Query A google.com
    > 10s : Query A google.com
    > 12s : Query A google.com
    > 12.01s : Response AAAA google.com : 72.14.207.99
    > 12.02s : TCP SYN to 72.14.207.99:80
    > ...
    >
    > About this result 2 interesting questions arise:
    > - Why does every query have to be done 3 times until a response is
    > received???


    Because without a . at the end of the URL the reslover appends your doman ti
    the end of the query giving you google.com.local.lan which fails because it
    doesn't exist then it tries google.com which succeeds.


    > - Why are there still AAAA-queries, if the ipv6-kernel-module is not
    > loaded ("lsmod | grep ipv6" gives empty output!)?
    >


    Try putting this into your /etc/modprobe.conf if ipv6 is compiled as a
    modules and not into the kernel.

    # disable autoload of ipv6 module
    alias net-pf-10 off


    > If i use explicit IPv4 like by typing "ssh -4" or "telnet -4" or as
    > well with "dig google.com", there are no more AAAA queries. But the
    > time-consuming drop of the first queries is still holding on and
    > annoying! What can cause such a behaviour???


    Try dig google.com.

    --
    Tayo'y mga Pinoy

  9. Re: Slow DNS Lookup (and no IPv6-issue???)

    > > About this result 2 interesting questions arise:
    > > - Why does every query have to be done 3 times until a response is
    > > received???

    >
    > Because without a . at the end of the URL the reslover appends your doman ti
    > the end of the query giving you google.com.local.lan which fails because it
    > doesn't exist then it tries google.com which succeeds.


    OK, this explains, why there are those weird "google.com.local.lan"
    queries. But why does my DNS client have to send *every* *single* 3
    times, until there is any response from the DNS server? Without this
    delay, the other effects (asking about "....local.lan" and AAAA
    queries) wouldn't be a problem, because the time needed for this would
    be in the order of milliseconds.

    > > - Why are there still AAAA-queries, if the ipv6-kernel-module is not
    > > loaded ("lsmod | grep ipv6" gives empty output!)?

    >
    > Try putting this into your /etc/modprobe.conf if ipv6 is compiled as a
    > modules and not into the kernel.
    >
    > # disable autoload of ipv6 module
    > alias net-pf-10 off


    Already done before. The ipv6-MODULE is definitely switched off. But
    could there be any ipv6-functionality compiled into the kernel? How
    can I check?

    > Try dig google.com.


    Already done before (as I told) - long delay as well. What else should
    I be able to learn from the result?

    Thanks for the answer...

  10. Re: Slow DNS Lookup (and no IPv6-issue???)

    info@cheffestl.de a écrit :
    >
    > 0s : Query AAAA google.com
    > 2s : Query AAAA google.com
    > 4s : Query AAAA google.com
    > 4.01s : Response AAAA google.com
    > 4.02s : Query AAAA google.com.local.lan
    > 6s : Query AAAA google.com.local.lan
    > 8s : Query AAAA google.com.local.lan
    > 8.01s : Response AAAA google.com.local.lan : No such name
    > 8.02s : Query A google.com
    > 10s : Query A google.com
    > 12s : Query A google.com
    > 12.01s : Response AAAA google.com : 72.14.207.99


    Are you sure the last response has type AAAA ?

    > About this result 2 interesting questions arise:
    > - Why does every query have to be done 3 times until a response is
    > received???


    My first idea would be that the problem is at the queried DNS server,
    but you said this server works well with other machines and the same
    happens with other DNS servers. Are all queries aimed at the same DNS
    server ?

    > - Why are there still AAAA-queries, if the ipv6-kernel-module is not
    > loaded ("lsmod | grep ipv6" gives empty output!)?


    If ipv6 is built in the kernel, there is no module. Check if
    /proc/net/if_inet6 exists, or if ifconfig reports inet6 addresses.

    Name resolving is not performed by the kernel, but I thought the
    resolver library sent AAAA queries only when IPv6 was enabled. It even
    seems that some versions of the resolver library send AAAA queries only
    when the system has a "suitable" IPv6 address, i.e. not loopback and
    link-local addresses only.

  11. Re: Slow DNS Lookup (and no IPv6-issue???)

    > > ...
    > > 10s : Query A google.com
    > > 12s : Query A google.com
    > > 12.01s : Response AAAA google.com : 72.14.207.99

    >
    > Are you sure the last response has type AAAA ?


    No, it has not, I'm sorry. Of course, this is of type A.

    > My first idea would be that the problem is at the queried DNS server,
    > but you said this server works well with other machines and the same
    > happens with other DNS servers. Are all queries aimed at the same DNS
    > server ?


    No, they alternate between both configured DNS-servers.

    > If ipv6 is built in the kernel, there is no module. Check if
    > /proc/net/if_inet6 exists, or if ifconfig reports inet6 addresses.
    >
    > Name resolving is not performed by the kernel, but I thought the
    > resolver library sent AAAA queries only when IPv6 was enabled. It even
    > seems that some versions of the resolver library send AAAA queries only
    > when the system has a "suitable" IPv6 address, i.e. not loopback and
    > link-local addresses only.


    I'm going to check this, but at the moment I don't have access to the
    concerned machine.

    Thanks a lot for the response!

  12. Re: Slow DNS Lookup (and no IPv6-issue???)

    > > ...
    > > 10s : Query A google.com
    > > 12s : Query A google.com
    > > 12.01s : Response AAAA google.com : 72.14.207.99


    > Are you sure the last response has type AAAA ?


    No, it has not, I'm sorry. Of course, this is of type A.

    > My first idea would be that the problem is at the queried DNS server,
    > but you said this server works well with other machines and the same
    > happens with other DNS servers. Are all queries aimed at the same DNS
    > server ?


    No, they alternate between both configured DNS-servers.

    > If ipv6 is built in the kernel, there is no module. Check if
    > /proc/net/if_inet6 exists, or if ifconfig reports inet6 addresses.


    > Name resolving is not performed by the kernel, but I thought the
    > resolver library sent AAAA queries only when IPv6 was enabled. It even
    > seems that some versions of the resolver library send AAAA queries only
    > when the system has a "suitable" IPv6 address, i.e. not loopback and
    > link-local addresses only.


    I'm going to check this, but at the moment I don't have access to the
    concerned machine.

    Thanks a lot for the response!

    Edit: Wrong account, changed it...

  13. Re: Slow DNS Lookup (and no IPv6-issue???)

    > > ...
    > > 10s : Query A google.com
    > > 12s : Query A google.com
    > > 12.01s : Response AAAA google.com : 72.14.207.99


    > Are you sure the last response has type AAAA ?


    No, it has not, I'm sorry. Of course, this is of type A.

    > My first idea would be that the problem is at the queried DNS server,
    > but you said this server works well with other machines and the same
    > happens with other DNS servers. Are all queries aimed at the same DNS
    > server ?


    No, they alternate between both configured DNS-servers.

    > If ipv6 is built in the kernel, there is no module. Check if
    > /proc/net/if_inet6 exists, or if ifconfig reports inet6 addresses.


    > Name resolving is not performed by the kernel, but I thought the
    > resolver library sent AAAA queries only when IPv6 was enabled. It even
    > seems that some versions of the resolver library send AAAA queries only
    > when the system has a "suitable" IPv6 address, i.e. not loopback and
    > link-local addresses only.


    I'm going to check this, but at the moment I don't have access to the
    concerned machine.

    Thanks a lot for the response!

    Edit: Wrong account, changed it...

  14. Re: Slow DNS Lookup (and no IPv6-issue???)

    info@cheffestl.de a écrit :
    >
    >>My first idea would be that the problem is at the queried DNS server,
    >>but you said this server works well with other machines and the same
    >>happens with other DNS servers. Are all queries aimed at the same DNS
    >>server ?

    >
    > No, they alternate between both configured DNS-servers.


    In which order ? It is a pity that you did not mention the server in
    queries and replies in the wireshark trace.

  15. Re: Slow DNS Lookup (and no IPv6-issue???)

    info@cheffestl.de wrote:

    [putolin]

    >> Try putting this into your /etc/modprobe.conf if ipv6 is compiled as a
    >> modules and not into the kernel.
    >>
    >> # disable autoload of ipv6 module
    >> alias net-pf-10 off

    >
    > Already done before. The ipv6-MODULE is definitely switched off. But
    > could there be any ipv6-functionality compiled into the kernel? How
    > can I check?
    >


    To see if it is loaded (as root) :

    lsmod | grep ipv6

    example:
    [root@desktop ~]# lsmod | grep ipv6
    ipv6 256324 8

    To find out if ipv6 is compiled as module:

    find /lib -name ipv6.ko -print

    Should return the path to kernel module named ipv6.ko

    example: /lib/modules/2.6.25-ARCH/kernel/net/ipv6/ipv6.ko

    otherwise it was compiled into the kernel.


    If you try to load the ipv6 module and you have:

    # disable autoload of ipv6 module
    alias net-pf-10 off

    in the /etc/modprobe.conf you get:

    [root@desktop ~]# modprobe net-pf-10
    FATAL: Module off not found.

    --
    Tayo'y mga Pinoy

  16. Re: Slow DNS Lookup (and no IPv6-issue???)

    I think I resolved the issue:

    I analyzed the DNS queries of windows (working without problems on the
    same machine) and found out that the same effect is happening there as
    well: 3 query packets have to be sent until a response is received.
    The difference: Windows sends the queries with a much higher frequency
    and therefore the whole progress doesn't take as much time and the
    user doesn't recognize any delay.

    So the problem seemed to be rather the router than the client system.
    Maybe the router recognizes an UDP "connection" only after at least 3
    packets have been sent from the same port to the same port (as using
    UDP the router has no TCP flags signalling new connections). I don't
    know, something like this...

    Workaround (since I haven't got access to reconfigure the router):
    Define the router IP itself as nameserver instead of the nameservers
    that it suggests via DHCP. So the UDP packets have to travel only
    within the LAN and the problem is avoided. The router is then able to
    act as a "DNS-forwarder", asks the nameservers of the ISP for the
    result and returns the result to the client.

    Anyway: Hard to imagine that this effect doesn't happen all over the
    linux world?! What is different in other people's linux systems? Do
    they usually have shorter timeouts? Is the configuration of my router
    really THAT strange and normally routers forward the DNS packets
    properly? Do they ignore the DHCP-given nameservers and use the
    gateway-IP as default nameserver??? I didn't reconfigure anything
    strangely, the system is an almost-out-of-the-box debian!

    Thanks for your help!

  17. Re: Slow DNS Lookup (and no IPv6-issue???)

    I think I resolved the issue:

    I analyzed the DNS queries of windows (working without problems on the
    same machine) and found out that the same effect is happening there as
    well: 3 query packets have to be sent until a response is received.
    The difference: Windows sends the queries with a much higher frequency
    and therefore the whole progress doesn't take as much time and the
    user doesn't recognize any delay.

    So the problem seemed to be rather the router than the client system.
    Maybe the router recognizes an UDP "connection" only after at least 3
    packets have been sent from the same port to the same port (as using
    UDP the router has no TCP flags signalling new connections). I don't
    know, something like this...

    Workaround (since I haven't got access to reconfigure the router):
    Define the router IP itself as nameserver instead of the nameservers
    that it suggests via DHCP. So the UDP packets have to travel only
    within the LAN and the problem is avoided. The router is then able to
    act as a "DNS-forwarder", asks the nameservers of the ISP for the
    result and returns the result to the client.

    Anyway: Hard to imagine that this effect doesn't happen all over the
    linux world?! What is different in other people's linux systems? Do
    they usually have shorter timeouts? Is the configuration of my router
    really THAT strange and normally routers forward the DNS packets
    properly? Do they ignore the DHCP-given nameservers and use the
    gateway-IP as default nameserver??? I didn't reconfigure anything
    strangely, the system is an almost-out-of-the-box debian!

    Thanks for your help!

  18. Re: Slow DNS Lookup (and no IPv6-issue???)

    I think I resolved the issue:

    I analyzed the DNS queries of windows (working without problems on the
    same machine) and found out that the same effect is happening there as
    well: 3 query packets have to be sent until a response is received.
    The difference: Windows sends the queries with a much higher frequency
    and therefore the whole progress doesn't take as much time and the
    user doesn't recognize any delay.

    So the problem seemed to be rather the router than the client system.
    Maybe the router recognizes an UDP "connection" only after at least 3
    packets have been sent from the same port to the same port (as using
    UDP the router has no TCP flags signalling new connections). I don't
    know, something like this...

    Workaround (since I haven't got access to reconfigure the router):
    Define the router IP itself as nameserver instead of the nameservers
    that it suggests via DHCP. So the UDP packets have to travel only
    within the LAN and the problem is avoided. The router is then able to
    act as a "DNS-forwarder", asks the nameservers of the ISP for the
    result and returns the result to the client.

    Anyway: Hard to imagine that this effect doesn't happen all over the
    linux world?! What is different in other people's linux systems? Do
    they usually have shorter timeouts? Is the configuration of my router
    really THAT strange and normally routers forward the DNS packets
    properly? Do they ignore the DHCP-given nameservers and use the
    gateway-IP as default nameserver??? I didn't reconfigure anything
    strangely, the system is an almost-out-of-the-box debian!

    Thanks for your help!

  19. Re: Slow DNS Lookup (and no IPv6-issue???)

    info@cheffestl.de a écrit :
    >
    > Is the configuration of my router really THAT strange


    It seems so.

    > and normally routers forward the DNS packets properly?


    Yes, as well as any UDP traffic.

+ Reply to Thread