From owner-freebsd-hackers Sat May 25 16: 7:25 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from dastardly.newsbastards.org.72.27.172.IN-addr.ARPA.NetScum.dyndns.dk (dclient217-162-214-126.hispeed.ch [217.162.214.126]) by hub.freebsd.org (Postfix) with ESMTP id ADD6E37B407 for ; Sat, 25 May 2002 16:07:18 -0700 (PDT) Received: from www.netscum.dyndns.dk (ipv6.NetScum.dyndns.dk [2002:d9a2:d67e:0:200:c0ff:fefc:19aa]) by dastardly.newsbastards.org.72.27.172.IN-addr.ARPA.NetScum.dyndns.dk (8.11.6/8.11.6-SPAMMERS-DeLiGHt) with ESMTP id g4PN6PR01507 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified NO) for ; Sun, 26 May 2002 01:06:29 +0200 (CEST) (envelope-from bounce@netscum.dyndns.dk) Received: (from root@localhost) by www.netscum.dyndns.dk (8.11.6/SMI-4.1-R00T0WNED) id g4PN6OG01506; Sun, 26 May 2002 01:06:24 +0200 (CEST) (envelope-from bounce@netscum.dyndns.dk) Date: Sun, 26 May 2002 01:06:24 +0200 (CEST) Message-Id: <200205252306.g4PN6OG01506@www.netscum.dyndns.dk> From: BOUWSMA Beery References: <200205112253.g4BMrVUn041734@wartch.sapros.com> To: hackers@freebsd.org Subject: Re: gethostbyname2 and AF_INET6 Organization: Men not wearing any pants that dont shave X-Hacked: via telnet to your port 25, what else? X-Internet-Access-Provided-By: Mountain Informatik AG X-NetScum: Yes X-One-And-Only-Real-True-Fluffy: No Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG (sorry for the delay in posting this to an old thread...) Servus! You wrote: > Recently mozilla has been really slow resolving some DNS queries. I tracked > this down to a call to gethostbyname2. For some addresses (e.g. > 'www.vanguard.com'), gethostbyname2 with AF_INET6 will fail and takes more > than a minute. I verified this with my own short program that does nothing I had a similar problem, with `lynx' and many hosts (also not g00gle) but only with one of the several providers I have at my fingertips. I'll tell you what I figured out and what I did. I'm running my own DNS caching swerver, which I've tried to point at the provider du jour's suggested DNS machines from any DHCP packets, or just guessed, in `forward only' mode. This to keep traffic down. Of course with backup DNS forwarders since no provider's suggested ones have been always up when I've wanted to use them. As it turned out, the eternal lookups happened after I pointed to the Cabal Modem provider's suggested DNS IPs, but it took me a while to catch on. As soon as I commented out the offending IPs from my list of forwarders and restarted named, the problem lookups completed just fine. I also did a tcpdump to see that the particular DNS forwarder that I was querying with these AAAA lookups was returning bogus data, and so it would retry for a while, before giving up and looking at the next forwarder or trying A queries, I do no remember. So this is mostly for the archives -- some providers are running b0rken DNS servers that they may want you to use, which result in minute-long periods before some hostnames resolve. My solution has been to override use of those and point at the known-good DNS machines elsewhere at that provider, or from a different provider (when access is allowed). I don't seem to be able to reproduce the problem now, though, so the particular nameswervers may have been `improved'... yrz, barry bouwsma To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message