bind 9.2.4 --new queries take > 4 seconds
Andreas Papst
andreas.papst at univie.ac.at
Mon Nov 8 16:18:07 UTC 2004
Hi Kevin,
I guess you/your recursive resolver are behind a PIX-Firewall
which has enabled "DNS Guard" [1].
Either disabling this function by issuing the "no fixup dns" command
or increase the value of "maximum length" argument from 512 to 1400
on PIX-Firewall works fine with us.
[1] http://honor.trusecure.com/pipermail/firewall-wizards/2003-October/015430.html
The delay comes from loading authoritative NS-RR for .com or .net
from *.gtlds-servers.net into your resolver's cache
(According to our monitoring, this problem has emerged around Oct. 26th).
Hope it helps
Andreas
On Mon, Nov 08, 2004 at 11:19:43AM +0100, Uwe Gansert wrote:
> On Saturday 06 November 2004 00:59, Kevin Layer wrote:
>
> > This is on SuSE 9.2, though it happened on 9.1, too.
> >
> > # dig +stats iii.com
> [...]
> > >>>;; Query time: 4592 msec
> >
> > Almost 4.6 seconds. After the first time, it's fast (a few ms).
>
> I can not reproduce this. I tried it with different queries but it always=20
> takes just some ms but never more than a second.
>
> > Ideas, anyone? I'm at wits end on this...
>
> you can try the 9.3.0 RPMs in my people directory but I hardly believe this=
> =20
> will solve the problem.
> ftp://ftp.suse.com/pub/people/ug/RPMs/
>
> =2D-=20
> ciao, Uwe Gansert
>
> Uwe Gansert, Server Technologies Team
> SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409 N=FCrnberg, Germany
> e-mail: uwe.gansert at suse.de, Tel: +49-(0)911-74053-0,
> =46ax: +49-(0)911-74053-476, Web: http://www.suse.de =20
>
>
___________________________________
Andreas Papst
Vienna University Computer Center
Universitaetsstrasse 7
A-1010 Vienna, Austria, Europe
More information about the bind-users
mailing list