Timeouts on forwarders??

Simon Waters Simon at wretched.demon.co.uk
Fri Feb 15 22:26:57 UTC 2002

Cris Rhea wrote:
> I have two machines running BIND. One server is running 8.1.2 the other
> is running 9.2.0.  For non-local queries that fail, it appears as if
> the 9.2.0 server takes twice as long to return "Server failed" than
> the 8.1.2 server.

First 8.1.2 has known security issues - so upgrade it.

> This is a problem because our high volume email server is doing reverse
> lookups that often fail (due to the normal nonsense on the Internet). Taking
> twice as long to fail is causing problems.
> Is there any way to tune the timeouts on the 9.2.0 server to fail
> faster for forwarded queries?

The usual discussion 8 v 9 concerns the fact that it doesn't
reorder forwarders according to performance, but if your
forwarders are working, and not overloaded I don't see why this
should cause a problem.

You don't describe your use of forwarders.

Either way I can't get more than 11s delay using BIND 9.2.0,
forwarders or no forwarders, for the query given, so something
is badly wrong on both boxes.

Maybe you have more nameservers listed in /etc/resolv.conf, or
the boxes are using badly configured forwarders, or the wrong
IP, suggest you try using "dig" locally to see if this is a DNS
issue, or just a client resolver issue.

i.e. If you time "dig -x ip" and you get 10s timeout on both
boxes, you know it isn't the DNS but how your using it.

