From: Alexander Zimmerling <Alexander.Zimmerling@ieee.org>
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Slow nameresolution with bind
Date: Fri, 05 Mar 2010 20:47:26 +0100
Message-ID: <1267818446.15596.15.camel@Ur>
In-Reply-To: <7ee216e79d887ee8dc9e74b2e6255e1d.squirrel@aachalon.de>

On Friday, 05.03.2010, at 10:59 +0100, Christian Bricart wrote:
> Alexander Zimmerling wrote:
> > Hi guys,
> >
> > I am sitting here with my new gentoo server. At the moment I struggle
> > with bind. The problem is known, but I cannot solve it without help.
>
> > [..]
>
> have you tried to point upstream resolving to your provider's nameservers
> rather than always asking the root-nameservers..?
>
> try adding:
>
> ..
> forwarders {
> 8.8.8.8;
> 8.8.4.4;
> };
> ..
>
> to the "options { ..}"-block in your /etc/bind/named.conf - which will
> then ask the Google-DNS cluster for unknown/uncached RR.
> You may also specify your provider's DNS IPs there to have an even shorter
> round-trip for lookups.
>
> > P.S.: I've found a similar "bug" in bugzilla
> > (http://bugs.gentoo.org/show_bug.cgi?id=269202) but w/o resolution.
>
> i doubt that your problem is IPv6 related.
>
> Christian
>
>
Hi Christian,
find below my current (nearly copied) named.conf.
As you can see, forwarders are defined (a router, connected to the
internet). Name-resolution works like a charm in dmz (using the router).
<snip>
Tartessos ~ # cat /etc/bind/named.conf
//azi 2010 02 28
include "/etc/bind/log.conf";
options {
    directory "/var/bind";
    // uncomment the following lines to turn on DNS forwarding,
    // and change the forwarding ip address(es) :
    //forward first;
    forwarders {
        #192.168.0.3;
        192.168.5.1;
    };
    //azi 2010 03 03
    listen-on-v6 { none; };
    listen-on { 127.0.0.1;
                192.168.0.5;
    };
    // to allow only specific hosts to use the DNS server:
    allow-query {
        127.0.0.1;
        192.168.0.0/24;
    };
    auth-nxdomain yes;
    notify no;
    // if you have problems and are behind a firewall:
    //query-source address * port 53;
    pid-file "/var/run/named/named.pid";
    zone-statistics yes;
    statistics-file "/var/log/named.stats";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "pri/localhost.zone";
    allow-update { none; };
    notify no;
};
zone "127.in-addr.arpa" IN {
    type master;
    file "pri/127.zone";
    allow-update { none; };
    notify no;
};
};
<snap>
I've added the provided forwarders, which indeed speeds up
name-resolution. Some queries are still slow, but I guess this is OK.
Thanks for your help.
Have a nice weekend
- Alex
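
Added example (not part of the original message, and not code from BIND or Gentoo): a small audit of a named.conf that lists the forwarders actually in effect once the //, # and /* */ comments are stripped, marks which of them are public resolvers (every uncached name is disclosed to those), and reports whether allow-query admits every client. SAMPLE is constructed from the options block above plus the two suggested forwarders; the function names and the result keys are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: the options block from the message with 8.8.8.8/8.8.4.4 added.
SAMPLE = """
options {
    directory "/var/bind";
    //forward first;
    forwarders {
        #192.168.0.3;
        192.168.5.1;
        8.8.8.8;
        8.8.4.4;
    };
    allow-query {
        127.0.0.1;
        192.168.0.0/24;
    };
};
"""

# Quoted strings are matched first so comment markers inside them are left alone.
_TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)

def strip_comments(text):
    """Drop the three comment styles named.conf accepts; keep quoted strings."""
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0).startswith('"') else " ", text)

def block_items(conf, keyword):
    """Entries of the first `keyword { a; b; };` block, or None if it is absent."""
    m = re.search(r"\b" + re.escape(keyword) + r"\s*\{([^{}]*)\}", conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf_text):
    conf = strip_comments(conf_text)
    forwarders = block_items(conf, "forwarders") or []
    mode = re.search(r"\bforward\s+(first|only)\s*;", conf)
    acl = block_items(conf, "allow-query")
    return {
        "forwarders": forwarders,
        # A forwarder entry may carry "port N"; the address is the first token.
        "public_forwarders": [f for f in forwarders
                              if ipaddress.ip_address(f.split()[0]).is_global],
        # BIND behaves as "forward first" when no forward statement is given.
        "forward_mode": mode.group(1) if mode else "first",
        # Without an allow-query statement BIND answers queries from any client.
        "allow_query_any": acl is None or "any" in acl,
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```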
Thread overview: 3+ messages
2010-03-05 6:42 [gentoo-server] Slow nameresolution with bind Alexander Zimmerling
2010-03-05 9:59 ` Christian Bricart
2010-03-05 19:47 ` Alexander Zimmerling [this message]