Antwort: Re: Antwort: Re: timeout by DNS? [Virus checked]

• Previous message: Damir Delija: "Re: AIX Printer and Printer Queue management"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date:         Tue, 23 Nov 2004 14:10:19 +0100
To: aix-l@Princeton.EDU

The algorithm says: try to reach the primary after RES_TIMEOUT for the
first time and retry for RES_RETRY times in sum.
The default value says concrete: if you can’t find the primary wait 5 sec
and try again. After that, try another 3 times: wait
another 10 sec, try again; wait 20 sec, try again; and finally, wait 40 sec
and try for the 4th time to reach the primary. If
the 4th try fails, look for the secondary.

|---------+--------------------------------->
| | |
| | fmu@OERAG.DE |
| | |
| | Gesendet von: |
| | aix-l@Princeton.EDU |
| | 23.11.2004 14:06 |
| | Bitte antworten an |
| | aix-l |
| | |
|---------+--------------------------------->
>-------------------------------------------------------------------------------------------------------------------------|
  | |
  |An: aix-l@Princeton.EDU |
  |Kopie: |
  |Blindkopie: |
  |Thema: Antwort: Re: Antwort: Re: timeout by DNS? [Virus checked] |
>-------------------------------------------------------------------------------------------------------------------------|

Hi Holger,

that is o.k. You change the values and it works (now 15 seconds). But what
is the reason that the client don't go after 5 seconds over the second
entrie in the /etc/resolv.conf.
I think the client try to connect the first nameserver, after 5 seconds to
the second nameserver. If the second nameserver is o.k. the nslookup comes
back. After 5 seconds, not 15 seconds!

I don't understand this!

Best regards,
Frank

                      Holger.VanKoll@SW
                      ISSCOM.COM An:
aix-l@Princeton.EDU
                      Gesendet von: IBM Kopie:
                      AIX Discussion Thema: Re: Antwort: Re:
timeout by DNS? [Virus checked]
                      List
                      <aix-l@Princeton.
                      EDU>

                      23.11.2004 13:49
                      Bitte antworten
                      an IBM AIX
                      Discussion List

for me it works, see below
what values did you set those variables to?

(0)root@sbe16098 173# time nslookup gd2y5d
*** Can't find server name for address 93.47.226.200:No response from
server
Server: dnsc.swissptt.ch
Address: 10.32.17.13

Name: gd2y5d.swissptt.ch
Address: 10.49.184.130

real 1m15.02s
user 0m0.00s
sys 0m0.00s
(0)root@sbe16098 174# export RES_RETRY=2
(0)root@sbe16098 175# export RES_TIMEOUT=5
(0)root@sbe16098 176# time nslookup gd2y5d
*** Can't find server name for address 93.47.226.200:No response from
server
Server: dnsc.swissptt.ch
Address: 10.32.17.13

Name: gd2y5d.swissptt.ch
Address: 10.49.184.130

real 0m15.01s
user 0m0.00s
sys 0m0.00s
(0)root@sbe16098 177# unset RES_RETRY RES_TIMEOUT
(0)root@sbe16098 178# time nslookup gd2y5d
*** Can't find server name for address 93.47.226.200:No response from
server
Server: dnsc.swissptt.ch
Address: 10.32.17.13

Name: gd2y5d.swissptt.ch
Address: 10.49.184.130

real 1m15.01s
user 0m0.00s
sys 0m0.00s

-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU] On Behalf Of
fmu@OERAG.DE
Sent: Tuesday, November 23, 2004 1:35 PM
To: aix-l@Princeton.EDU
Subject: Antwort: Re: timeout by DNS? [Virus checked]

Hi Vesna,

thanks for your answer.
Your explanation is good and something about this I found in the
Internet.
Which I do not understand, if the first entry is wrong or the first
nameserver was crashed, the second entry should function after 5
seconds.
But why functioned that not and it does run all cycles through (75s).

Best regards,
Frank Mueller

                      Vesna Vranesic
                      <vesna.vranesic@R An:
aix-l@Princeton.EDU
                      ZB.AT> Kopie:
                      Gesendet von: IBM Thema: Antwort: Re:
timeout by DNS? [Virus checked]
                      AIX Discussion
                      List
                      <aix-l@Princeton.
                      EDU>

                      23.11.2004 13:17
                      Bitte antworten
                      an IBM AIX
                      Discussion List

The quotation I have found few years ago about this issue:

"On AIX, a DNS query will wait a total of 75 seconds before

failing over to the second nameserver entry in the resolv.conf.
The 75 sec timeout period comes from two values RES_RETRY and
RES_TIMEOUT. The way it works is the dns client will try to contact the
dns server, then if it doesn't get an answer back it will wait 5 seconds
and try again, then it will wait 10 secs and try again, 20 sec and try
again, 40 secs and try again.
.
5 + 10 + 20 + 40 = 75 seconds
If you want to change these on the dns client do the following:
.
# export RES_RETRY=value
# export RES_TIMEOUT=value
.
The timeout is defined by two values :
      RES_TIMEOUT (default 5 sec)
      RES_RETRY (defautl 4 times)
      Each retry the initial timeout value is multipied by 2 .
      Example :
      5 + 10 + 20 + 40 = 75 <--- default timeout .
      The Cust can export other values to change this behaviour .
      Example :
      export RES_TIMEOUT=10
      export RES_RETRY=2
.
      10 + 20 = 30 seconds timeout
.
In order for these to remain in effect after a reboot you need to vi

/etc/environment and add these in the file."

I am not sure if something has changed recently (read: for AIX5L).

Ciao
Vesna

|---------+--------------------------------->
| | |
| | hdkutz@HDKUTZ.DE |
| | |
| | Gesendet von: |
| | aix-l@Princeton.EDU |
| | 23.11.2004 12:48 |
| | Bitte antworten an |
| | aix-l |
| | |
|---------+--------------------------------->

>-----------------------------------------------------------------------
--------------------------------------------------|

  |
  |
  |An: aix-l@Princeton.EDU
  |
  |Kopie:
  |
  |Blindkopie:
  |
  |Thema: Re: timeout by DNS? [Virus checked]
  |

>-----------------------------------------------------------------------
--------------------------------------------------|

On Tue, Nov 23, 2004 at 12:25:38PM +0100, Holger.VanKoll@SWISSCOM.COM
wrote:
> >Now I change the first entrie to a wrong IP-adress for the first
> nameserver, the nslookup needs a long time to go to the second
> nameserver.
> then, dont do that ;-)
>
> >Now my question is, what is the parameter to tune the timeout for
DNS?
>
> well, the timeouts for nslookup , host, dig are different - so it
> looks like its up to the application nslookup has (afair) a
-timeout=option
>
> I doubt there is a system-wide parameter that you can tune
>
> if dns-response time is critical, run a local caching-only nameserver
Hmm. Why isn't "options rotate" like in Linux or Solaris implemented in
AIX?
Recently we had a problem with our Production Nameserver. All Solaris
and Linux Boxes went fine, only AIX got into trouble resolving Names
from the secondary Nameserver, waiting for timeout of the primary DNS.

Cheers,
ku

--
C-3PO:
        Sir, the possibility of successfully navigating
        an asteroid field is approximately 3,720 to 1!
Han Solo:
        Never tell me the odds!
This message and any attachment ("the Message") are confidential. If you
have received the Message in error, please notify the sender immediately
and delete the Message from your system , any use of the Message is
forbidden.
Correspondence via e-mail is primarily for information purposes. RZB
neither makes nor accepts legally binding statements unless otherwise
 agreed to the contrary.
This message and any attachment ("the Message") are confidential. If you
have received the Message in error, please notify the sender immediately
and delete the Message from your system , any use of the Message is
forbidden.
Correspondence via e-mail is primarily for information purposes. RZB
neither makes nor accepts legally binding statements unless otherwise
agreed to the contrary.

• Previous message: Damir Delija: "Re: AIX Printer and Printer Queue management"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

• Antwort: Re: Antwort: Re: timeout by DNS? [Virus checked]
  ... I think the client try to connect the first nameserver, ... If the second
  nameserver is o.k. ... *** Can't find server name for address 93.47.226.200:No response
  from ... Subject: Antwort: Re: timeout by DNS? ... (AIX-L)
• Re: Problem in sending mail from local SMTP service
  ... yahoo.com nameserver = ns2.yahoo.com ... >>recieve an error stating that
  a DNS error caused the ... > server". ... >>a network connectivity
  issue or intermittent connectivity. ... (microsoft.public.inetserver.iis.smtp_nntp)
• Re: Proper rules/procedures for setting up DNS/Default Gateways
  ... I recently replaced my 'server' ... > and DNS addresses are static
  but the same as the WAN side. ... When I do DNS on myself, I use 127.0.0.1 for nameserver.
  ... > even on the clients and both interfaces on the dual ported server. ...
  (microsoft.public.windowsxp.network_web)
• Re: Probleme mit ISA 2004 beim Zugriff vom Internet auf lokales Ne
  ... Ebenfalls im Internet steht eine Secondary Nameserver, ... Primary Nameserver
  kommuniziert. ... Ich möchte den ISA Server so konfigurieren, ... > Secondary
  DNS Server fuer Deine registrierten Domaenen? ... (microsoft.public.de.german.isaserver)
• Re: RPC is unavailable when try to transfer FSMO Roles
  ... on the DNS server ... Registry value: DnsAvoidRegisterRecords ...
  To stop registration of both NICs, add or alter this ... (microsoft.public.windows.server.active_directory)