DNS problems this morning -

Rick Stevens ricks at alldigital.com
Tue Nov 13 18:06:32 UTC 2012


On 11/13/2012 08:38 AM, Bob Goodwin - Zuni, Virginia, USA issued this 
missive:
> On 13/11/12 09:59, Tim wrote:
>> I seem to recall that there is a way to set the timeout delay before
>> abandoning the first query, and querying the next server, but I don't
>> recall the details, and there's no man file for resolv.conf on this
>> installation of F17.  I don't know if there are configuration options
>> about always trying the first server, first.
>
> It looks like there is a way. From man resolv.conf:
>
>     options
>
>     Options allows certain internal resolver variables to be modified.
>     The syntax is options option ...
>
>     where option is one of the following:
>
>     timeout:n
>
>     sets the amount of time the resolver will wait for a response from a
>     remote name server before retrying the query via a different name
>     server. Measured in seconds, the default is RES_TIMEOUT (currently
>     5, see <resolv.h>). The value for this option is silently capped to 30.
>
>     attempts:n
>
>     sets the number of times the resolver will send a query to its name
>     servers before giving up and returning an error to the calling
>     application. The default is RES_DFLRETRY (currently 2, see
>     <resolv.h>). The value for this option is silently capped to 5.
>
>     It's not clear to me how to type the command though.

You don't. You put the entries in the /etc/resolv.conf file and the
resolver library picks them up.

>                                                         The 5 second
>     timeout seems much too long when combined with 5 tries, perhaps fewer
>     tries would be better? However I imagine there were good reasons for
>     the defaults ...

If you've ever run a big network (or a really popular one) you can watch
the DNS servers get pummeled--especially if you have short TTLs set on
the records. That being said, even a busy name server should respond in
5 seconds or less, so that seems reasonable.

The default retry count is 2 (not 5) so the defaults as stated would
result in a 10 second delay before the second DNS server is consulted.
Yes, that seems an eternity, but not everyone has fast Internet access.
There are still people with dial-up service (hard to believe, but
they're out there). The standards were set up to accommodate these older 
environments. If you want a true giggle, look up RFC 1149,
"Transmission of IP Datagrams on Avian Carriers" and be glad that it
never caught on. :-)

You can put in as long a timeout or as many retries as you want, but
the library will limit timeouts to no more than 30 seconds (even if you
specify 45) and no more than 5 retries (even if you specify 10). That's
what the "silently capped" bit means.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital    ricks at alldigital.com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-   To err is human.  To forgive, a large sum of money is needed.    -
----------------------------------------------------------------------
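
An added example, not part of the original message: a small Python checker that reads resolv.conf text and reports the `timeout` and `attempts` values that remain after applying the defaults and caps quoted from the man page above. The function name, the sample file contents, and the way malformed values are flagged are assumptions of this example.

```python
import re

# Defaults and limits as stated in the quoted resolv.conf man page text.
DEFAULTS = {"timeout": 5, "attempts": 2}   # RES_TIMEOUT, RES_DFLRETRY
CAPS = {"timeout": 30, "attempts": 5}      # the "silently capped" limits


def effective_options(text):
    """Return (effective, notes) for the timeout/attempts options in text."""
    effective = dict(DEFAULTS)
    notes = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if raw.startswith(("#", ";")):      # comment lines
            continue
        fields = raw.split()
        if not fields or fields[0] != "options":
            continue
        for opt in fields[1:]:
            name, sep, value = opt.partition(":")
            if name not in CAPS:
                continue  # other options (rotate, ndots, ...) are out of scope
            if not sep or not re.fullmatch(r"[1-9][0-9]*", value):
                # Assumption of this example: flag it and keep the prior value.
                notes.append(f"line {lineno}: ignoring malformed {opt!r}")
                continue
            n = int(value)
            if n > CAPS[name]:
                notes.append(f"line {lineno}: {name}:{n} capped to {CAPS[name]}")
                n = CAPS[name]
            effective[name] = n
    return effective, notes


# Constructed sample file contents (documentation addresses), not from the thread.
SAMPLE = """\
# constructed example
nameserver 192.0.2.53
nameserver 192.0.2.54
options timeout:45 attempts:10
"""

if __name__ == "__main__":
    opts, notes = effective_options(SAMPLE)
    print(opts)
    for note in notes:
        print("note:", note)
```

Running it against a real file means passing the contents of /etc/resolv.conf to `effective_options` instead of `SAMPLE`.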

