nscd cacher problem

[Tim]

On Thu, 2010-07-01 at 09:22 -0700, JD wrote:
> I am running nscd-2.12-2.i686 on F13.
> 
> my /etc/resolv.conf contains:
> nameserver 127.0.0.1
> followed by other nameservers from my provider.
> I am using the default nscd.conf file
> 
> My email client is Thunderbird.
> 
> Every time i check for email, or send a message,
> thunderbird takes it many seconds to find the ip address
> of pop.gmail.com
> 
> Similarly, firefox takes it sometimes almost 60 seconds to resolve
> web site ip addresses.

Well, you want to get your local nameserver resolving internet IP
addresses.  Because, by the sound of things, it's not.  Or get rid of
it, and just use the ISP's nameservers.  Or decrease the timeout period
before the computer consults another name server.

Your computer tries the first name server (listed in resolv.conf) to
resolve an address, and when it doesn't an answer, it tries the next
one, after a time out period.  For the next name look up, it repeats
that process (from the first nameserver, again).  If that time out
period is long, you're always going to have long delays.

You can use the dig tool to test things out.  See the man file for more
details, but in a nutshell.  Type the name you want to test after the
command, followed by the nameserver you want to query, after an @ sign.

e.g. dig example.com @127.0.0.1

Quite how to get nscd working, in the first place, I really don't know.
I've never bothered with half-baked name serving, I run BIND.  Looking
at the nscd and nscd.conf man files.  But I don't think you put
127.0.0.1 in as a nameserver, I think you stick with your ISP's name
servers in the resolv.conf file.  And play with the nsswitch.conf file
to change /how/ name solving lookups are done, rather than where.  To
put caching somewhere into the equation.  Look at the "hosts" line in
that conf file.

Mine has this in it:

  #hosts:     db files nisplus nis dns
  hosts:      files dns

The uncommented line means that mine *first* looks in the /etc/hosts
file, *then* does a DNS query.  The commented line was the original.

My guess would be that you need something else before dns, to make use
of nscd, first.  Unless, nscd puts data into the hosts file.

In my case, I ignore the name servers provided by my ISP.  Every ISP
that I've used over the last 10 years (I think), has had problems.  Some
were just useless, including two of the biggest ISPs in the country.  I
run BIND, and it consults the top root servers like a real DNS server is
supposed to do, when it doesn't already have an answer.  And it caches
the results, like it's supposed to (according to the TTL data in the
original records).  All the computers on my LAN use my nameserver.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.