[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: Slow connection time - turning off reverse DNS lookup

Alexander.Stade Alexander.Stade@vattenfall.com
Fri, 21 Oct 2011 19:44:22 GMT


What do you get if you do nslookup on the different host names? Do you see delays there too?

The reason I ask is that if you indeed have a DNS server responding your replies should be instant. Suppose the DNS server itself has some problems left over from your IP migration. I perused the code briefly and I see nothing that leads me to believe conserver is deliberately trying to look up IP addresses in reverse, other than the regular gethost* functions.

Look at your DNS configuration first. Seems something is broken there. 

On Oct 21, 2011, at 9:27 PM, "Felipe Rechia" <feliperechia@gmail.com> wrote:

> Hi Alex!
> 
>> Without having the slightest clue about your setup aside from what you've told me, what type of system(s) are we dealing with? For instance, in Solaris you can define search orders in /etc/nsswitch.conf for hosts databases:
>> 
>> hosts: files dns
>> 
> I am using both conserver-server and client installed as packages for
> ubuntu 10.04.
> 
>> Then add the appropriate entries to your /etc/hosts file and things should speed up a bit.
>> 
> 
> Yes, this works. I've edited the /etc/hosts file of one server to test
> it , but since I have 6 conserver-servers, I'd always have to
> replicate any hostname updates to the /etc/hosts file of all servers.
> Currently I have around 10 different users which could connect from
> different IP addresses from our internal network, and some also from a
> range of IP addresses acquired via DHCP. So I'd have to create lots of
> entries in the files, and  I'm currently looking for a simpler option.
> 
>> As an aside, it doesn't make much sense to me that you'd get a 45 sec timeout if a DNS server is responding with an NXDOMAIN error. It seems to me that you're looking for DNS servers that aren't responding. I'd check to see if your DNS server settings are correct prior to trying to alter source code to circumvent this behavior.
>> 
> 
> The DNS server previously had all the access network hosts mapped as
> entries following a rule like this:
> 192.168.0.1 accessnetworkhost1
> 192.168.0.2 accessnetworkhost2
> 192.168.0.3 accessnetworkhost3
> 192.168.0.4 accessnetworkhost4
> 
> But after our IP migration, the DNS server was not updated.
> 
> Currently I don't have access to the DNS server, and I'd have to
> contact IT staff and ask them to add 254 IP entries to the server (I'm
> not sure if this can be done by specifying an IP range, I have no clue
> about how to configure the DNS server). I was trying to skip this
> because I want to avoid this reverse DNS lookup.
> 
> Or I could create my own DNS server and add those entries... In any
> case, I'd prefer to just turn off reverse dns lookup, if that is
> possible. :)
> 
> An explanation about the 45 seconds timeout: it is the sum of all
> timeouts from each conserver-server when I run console -u (I've
> removed usernames from the output):
> 
> $ time console -u
> lombardiCom1               up   xxxxx@10.1.64.1
> lombardi7                  up  xxxxx@10.1.64.13
> lombardi6                  up   xxxxx@10.1.64.1
> lombardi5                  up   <none>
> lombardi4                  up   <none>
> lombardi3                  up   xxxxx@10.1.64.13
> lombardi2                  up   xxxxx@10.1.64.13
> lombardi1                  up   xxxxx@10.1.64.1
> lombardi0                  up   xxxxx@10.1.64.1
> console: connect(): 3109@setubal: Connection refused
> eneasCom1                  up   <none>
> eneas2                     up   <none>
> adelir5                    up   <none>
> adelir2                    up   <none>
> cortez3                    up   xxxxx@10.1.64.13
> cortez2                    up   xxxxx@10.1.64.13
> cortez1                    up   <none>
> osama1                     up   <none>
> osama4                     up   xxxxx@10.1.64.13
> dalborga0                  up   <none>
> 
> real    0m45.503s
> user    0m0.128s
> sys    0m0.016s
> $
> 
> lombardi is the master server (ports belonging to it are preceded by
> 'lombardi'), while all the other ports are located in other servers
> which just refer to lombardi as Master.
> 
> Thanks for your feedback :)!
> Best Regards
> Felipe