Host command timing out sporadically

Paul Marais paul at grayv.com
Wed May 2 22:41:20 UTC 2012 

So I discovered that if I just do: dig gmail.com I get no answers... but thats most likely because my NS is set to not allow recursion... what I didn't realize is that dig was not forwarding the request to my isp's NS.

When force the lookup on my isp's NS ie: dig @206.168.216.6 mx gmail.com, I get replies... and every 5 to 10 replies, there are one or 2 lookups that take a few seconds, and I think its these slower replies that postfix is timing out on.

If I do the same lookups on my home computer I experience the same delay every 5-10 lookups... so Im thinking my ISP's NS is just a little bogged down... and when postfix does a lookup at the same time... it gives up because the lookup takes too long and logs it as host not found... even though the NS finds it... postfix gave up before the reply came back.

So it looks like I just need to make postfix use a longer timeout perhaps.


On May 2, 2012, at 1:42 PM, Lyle Giese wrote:

> On 05/02/12 12:12, Paul Marais wrote:
>> Hi,
>> I'm having an issue where my postfix server is having trouble with some lookups.
>> When I type 'host<hostname>', 80% of the time I get decent reply speed, but for 20% I get a 5 second delay, or even a timeout.
>> 
>> My nameserver is configured to only allow recursion for hosts on my local network, and I have my ISP dns in my forwarders.
>> My resolv.conf has 127.0.0.1, my internal ip, and the ip for my isp DNS
>> 
>> Any help will be greatly appreciated.
>> 
>> Thanks
>> Paul
>> 
>> 
> Don't use host.  It's not telling us what is going wrong and it's only doing an A record lookup of host name.
> 
> Postfix does an MX lookup for the domain and then an A record lookup for the mail server(s) in the MX records.
> 
> Learn to use dig.
> 
> Do this:
> 
> dig mx example.com
> 
> If the answer is mail.example.com do this:
> 
> dig mx example.com
> 
> if either fail do this:
> 
> dig +trace mx example.com
> or
> dig +trace mail.example.com
> 
> And see if you can catch the failure and then we can do more for you.  The other side of this may be that your Internet connection is overloaded and you are dropping packets or it's taking too long for the query to get out and get the response.
> 
> Lyle Giese
> LCR Computer Services, Inc.
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>

More information about the bind-users mailing list