[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: Slow connection time - turning off reverse DNS lookup

Felipe Rechia feliperechia@gmail.com
Fri, 21 Oct 2011 19:27:13 GMT


Hi Alex!

> Without having the slightest clue about your setup aside from what you've told me, what type of system(s) are we dealing with? For instance, in Solaris you can define search orders in /etc/nsswitch.conf for hosts databases:
>
> hosts: files dns
>
I am using both conserver-server and client installed as packages for
ubuntu 10.04.

> Then add the appropriate entries to your /etc/hosts file and things should speed up a bit.
>

Yes, this works. I've edited the /etc/hosts file of one server to test
it , but since I have 6 conserver-servers, I'd always have to
replicate any hostname updates to the /etc/hosts file of all servers.
Currently I have around 10 different users which could connect from
different IP addresses from our internal network, and some also from a
range of IP addresses acquired via DHCP. So I'd have to create lots of
entries in the files, and  I'm currently looking for a simpler option.

> As an aside, it doesn't make much sense to me that you'd get a 45 sec timeout if a DNS server is responding with an NXDOMAIN error. It seems to me that you're looking for DNS servers that aren't responding. I'd check to see if your DNS server settings are correct prior to trying to alter source code to circumvent this behavior.
>

The DNS server previously had all the access network hosts mapped as
entries following a rule like this:
192.168.0.1 accessnetworkhost1
192.168.0.2 accessnetworkhost2
192.168.0.3 accessnetworkhost3
192.168.0.4 accessnetworkhost4

But after our IP migration, the DNS server was not updated.

Currently I don't have access to the DNS server, and I'd have to
contact IT staff and ask them to add 254 IP entries to the server (I'm
not sure if this can be done by specifying an IP range, I have no clue
about how to configure the DNS server). I was trying to skip this
because I want to avoid this reverse DNS lookup.

Or I could create my own DNS server and add those entries... In any
case, I'd prefer to just turn off reverse dns lookup, if that is
possible. :)

An explanation about the 45 seconds timeout: it is the sum of all
timeouts from each conserver-server when I run console -u (I've
removed usernames from the output):

$ time console -u
 lombardiCom1               up   xxxxx@10.1.64.1
 lombardi7                  up  xxxxx@10.1.64.13
 lombardi6                  up   xxxxx@10.1.64.1
 lombardi5                  up   <none>
 lombardi4                  up   <none>
 lombardi3                  up   xxxxx@10.1.64.13
 lombardi2                  up   xxxxx@10.1.64.13
 lombardi1                  up   xxxxx@10.1.64.1
 lombardi0                  up   xxxxx@10.1.64.1
console: connect(): 3109@setubal: Connection refused
 eneasCom1                  up   <none>
 eneas2                     up   <none>
 adelir5                    up   <none>
 adelir2                    up   <none>
 cortez3                    up   xxxxx@10.1.64.13
 cortez2                    up   xxxxx@10.1.64.13
 cortez1                    up   <none>
 osama1                     up   <none>
 osama4                     up   xxxxx@10.1.64.13
 dalborga0                  up   <none>

real	0m45.503s
user	0m0.128s
sys	0m0.016s
$

lombardi is the master server (ports belonging to it are preceded by
'lombardi'), while all the other ports are located in other servers
which just refer to lombardi as Master.

Thanks for your feedback :)!
Best Regards
Felipe