How to speed up the DNS?

Len Conrad LConrad at
Mon Feb 11 02:51:50 UTC 2002

>I have juist set up a DNS(bind 8.23) server for one company.

that's a vulnerable version, upgrade to 8.3.1

>I fould it slow to solve the names that are not in the db of DNS but can 
>quickly response to the correct ones.
>  ping a.b.c.d (a.b.c.d is no entry in db of dns)  very slowly cost about 
> 1 min

"recursive" queries take 1 minute

>  ping ( can be solved by the dns server) very quickly

authoritative queries, instantaneous

>I think the root.cache file may cause the delay.

no.  you at least have a root.cache file, because recursive queries work

>Because the dns server is still used in the internal and can not access 

then how can it resolve any recursive queries?

>Every query tries every server in the file.

tries every server in the root.cache file?

on the bind machine, what does




... show?

"normally", your named should home in on as having the lowest 

turn on named logging with print time, here's a sample bind8 logging 
statement, adjust the path :

  channel my_file {file "c:/winnt/system32/dns/etc/"; severity 
debug; print-time yes; };
  category default {my_file;};
  category panic {my_file;};
  category packet {my_file;};
  category eventlib {my_file;};
  category queries {my_file;};
  category lame-servers { null;};
  category cname { null;};

and run

ndc trace

then, do a query you know is slow, and look in the look in and 
see at what step(s) the delays are.

repeat until you know where the delays are.

ndc notrace

... to turn of trace logging

Len : ISC BIND 8.2.4 for NT4 & W2K  : Build free, hi-perf, anti-abuse mail gateways

More information about the bind-users mailing list