[FC3] Sites 'disappearing' from DNS

Andy Green andy at warmcat.com
Thu Apr 7 10:40:44 UTC 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nigel Wade wrote:

| The root of this particular problem is that nscd caches this failed
| lookup for you, DNS does not.

I respectfully disagree.  I do not experience these "fact of life"
timeouts and fake NXDOMAIN results; I use my ISP DNS cached on a
separate machine here.

The DNS cache is behaving as designed, the problem seems to me to be the
timeout is set too low for the behaviour of the original poster's
upstream DNS, or put another way, the upstream DNS may be overloaded and
not always responsive.  I would do a

tcpdump port 53

(despite the name this gets UDP too) and look for SERVFAIL or slow
response, and if seen, complain to whoever it is that I pay for the
upstream DNS in the one case and in the other case add to /etc/resolv.conf

options timeout:xx

where xx is the timeout in seconds; my DNS cache machine has it set to
25.  If you are hanging around for more than 25 seconds to get DNS that
is not what I would call normal or a "fact of life".

- -Andy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFCVQ4sjKeDCxMJCTIRAjXXAJ9r+dUXMIbpTmDIjap7xl4TLw7z0gCeMq69
JmkbdszH43A4ZmPEKhhfPO8=
=7Nzs
-----END PGP SIGNATURE-----




More information about the fedora-list mailing list