bind 8 slow when resolving new domains!
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Fri May 7 13:47:36 UTC 2004
dap99 at i-55.com wrote:
> I am having a big problem with slow internal DNS (named 8.3.7-REL on
> FreeBSD 4.9). If we do a query against a local domain (our DNS server
> is authoratative) then the response is fast. If we do a query against
> anything in bind's cache the resp. is fast. If we do a query for a new
> non-local domain then the resp is SLOW or times-out. FYI, we are
> behind a NetScreen firewall at a colo. The colo promises it is not
> them. Also, we are using their two DNS servers as forwarders.
> The colo promises it's not them, but frankly I can't see how it's us.
Stop using forwarding. It can only lengthen your responses.
And it should not be needed to specify source-port and decent
nat-box these days can keep track of matching an outgoing udp to
an incoming answer. If it can't it's sub-standard.
> Any ideas? Also, why so many FormErr (am I sending out bunk DNS
> queries?). This is a stock DNS install. I have the same problem on
> another identical FreeBSD/DNS server.
> I would be happy to show selected output from named -d 3.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list