[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [FC3] Sites 'disappearing' from DNS

Hash: SHA1

Nigel Wade wrote:

| The root of this particular problem is that nscd caches this failed
| lookup for you, DNS does not.

I respectfully disagree.  I do not experience these "fact of life"
timeouts and fake NXDOMAIN results; I use my ISP DNS cached on a
separate machine here.

The DNS cache is behaving as designed, the problem seems to me to be the
timeout is set too low for the behaviour of the original poster's
upstream DNS, or put another way, the upstream DNS may be overloaded and
not always responsive.  I would do a

tcpdump port 53

(despite the name this gets UDP too) and look for SERVFAIL or slow
response, and if seen, complain to whoever it is that I pay for the
upstream DNS in the one case and in the other case add to /etc/resolv.conf

options timeout:xx

where xx is the timeout in seconds; my DNS cache machine has it set to
25.  If you are hanging around for more than 25 seconds to get DNS that
is not what I would call normal or a "fact of life".

- -Andy
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]