[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Slow connections in Debian squeeze

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7-12-2009 19:33, Andrew Sackville-West wrote:
> On Mon, Dec 07, 2009 at 10:41:35AM +0100, Nick Douma wrote:
>> On 7-12-2009 1:15, Andrew Sackville-West wrote:
>>> On Sun, Dec 06, 2009 at 04:08:11PM -0800, Andrew Sackville-West wrote:
>>>> On Mon, Dec 07, 2009 at 01:56:06AM +0200, Andrei Popescu wrote:
> [..]
>>>>>
>>>>> This sounds like an ipv4/ipv6 issue. Maybe this NEWS.Debian entry for
>>>>> libc6 has the solution:
>>>>>
>>>>> glibc (2.9-8) unstable; urgency=low
>>>>>
>>>>>   Starting with version 2.9-8, unified IPv4/IPv6 lookup have been enabled
>>>>>   in the glibc's resolver. This is faster, fixes numerous of bugs, but is
>>>>>   problematic on some broken DNS servers and/or wrongly configured 
>>>>>   firewalls. 
>>>>>   
>>>>>   If such a DNS server is detected, the resolver switches (permanently
>>>>>   for that process) to a mode where the second request is sent only when
>>>>>   the first answer has been received. This means the first request will
>>>>>   be timeout, but subsequent requests should be fast again. This 
>>>>>   behaviour can be enabled permanently by adding 'options single-request'
>>>>>   to /etc/resolv.conf.  
>>>>
>>>> Andrei, I owe you a beer!
>>>>
>>>> That's done it right there. Now it's just a matter of figuring out
>>>> whether it's my firewall or my dns server that's broken... :)
>>>
>>> blech... it's my firewall, or several public dns servers are broken...
>>>
>>> A
>>
>> How did you go about checking this? I use OpenDNS as dns servers and no
>> other firewall than what comes with Debian by default.
> 
> I just googled a list of public dns servers and tried several in a
> row. They all showed the same problem suggesting that the problem is
> local to me. Or, as I said, I happened to use only servers in the
> broken subset of available public servers.
> 
> specifically, it was a series of edits to /etc/resolv.conf to point to
> different servers and toggling the single-request option. 
> 
> regardless, it's nice to be snappy again. I didn't realise how
> annoying it was...
> 
> A

So to summarize, enabling the single-request option in /etc/resolv.conf
solves the 5 second delay issue? Or did you find a non-broken public DNS
server in the end?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAksdTDMACgkQkPq5zKsAFiijpQCgiRDa6+GWHXUqODQBh/z6+D2z
UQsAn3rwdCg0Kt+mdY7Og9iBLAX9OI0p
=5WZw
-----END PGP SIGNATURE-----
Reply to: