FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 07-25-2012, 08:57 PM
Steve Lindemann
 
Default DNS lookup delay with centos & postfix

I'm a bit baffled by this and I'm looking for ideas...

background:
two DNS servers (ns1 & ns2)(64bit CentOS 5.8)
one email server (64bit CentOS 5.8 & postfix 2.3.3)
one nagios server (64bit CentOS 5.8 & nagios 3.3.1)

situation:
- all servers configured to use both DNS servers for lookups
- ns1 server down for hardware problem
- nagios alerts that smtp on email server taking longer than 2 seconds
to respond
- nagios alert for smtp on email server clears when ns1 returns to service

- when I use dig from the email server command line there is no problem
or delay when ns1 is offline. It worked without a hitch using ns2.

Anyone have any ideas for why nagios would have trouble testing smtp on
the email server when the primary dns goes offline? I'm not even sure
where to look or who else would make sense to ask the question of on
this one. I'd appreciate any insight anyone out there has on this.
--
Steve
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 09:21 PM
Tom Brown
 
Default DNS lookup delay with centos & postfix

Does dig use libresolv or read directly from resolv.conf? Also do you have a timeout configured in resolv.conf or are you relying on the os default?

On 25 Jul 2012, at 21:57, Steve Lindemann <steve@marmot.org> wrote:

> I'm a bit baffled by this and I'm looking for ideas...
>
> background:
> two DNS servers (ns1 & ns2)(64bit CentOS 5.8)
> one email server (64bit CentOS 5.8 & postfix 2.3.3)
> one nagios server (64bit CentOS 5.8 & nagios 3.3.1)
>
> situation:
> - all servers configured to use both DNS servers for lookups
> - ns1 server down for hardware problem
> - nagios alerts that smtp on email server taking longer than 2 seconds
> to respond
> - nagios alert for smtp on email server clears when ns1 returns to service
>
> - when I use dig from the email server command line there is no problem
> or delay when ns1 is offline. It worked without a hitch using ns2.
>
> Anyone have any ideas for why nagios would have trouble testing smtp on
> the email server when the primary dns goes offline? I'm not even sure
> where to look or who else would make sense to ask the question of on
> this one. I'd appreciate any insight anyone out there has on this.
> --
> Steve
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 09:25 PM
Dennis Jacobfeuerborn
 
Default DNS lookup delay with centos & postfix

On 07/25/2012 10:57 PM, Steve Lindemann wrote:
> I'm a bit baffled by this and I'm looking for ideas...
>
> background:
> two DNS servers (ns1 & ns2)(64bit CentOS 5.8)
> one email server (64bit CentOS 5.8 & postfix 2.3.3)
> one nagios server (64bit CentOS 5.8 & nagios 3.3.1)
>
> situation:
> - all servers configured to use both DNS servers for lookups
> - ns1 server down for hardware problem
> - nagios alerts that smtp on email server taking longer than 2 seconds
> to respond
> - nagios alert for smtp on email server clears when ns1 returns to service
>
> - when I use dig from the email server command line there is no problem
> or delay when ns1 is offline. It worked without a hitch using ns2.
>
> Anyone have any ideas for why nagios would have trouble testing smtp on
> the email server when the primary dns goes offline? I'm not even sure
> where to look or who else would make sense to ask the question of on
> this one. I'd appreciate any insight anyone out there has on this.
>

The default timeout for a DNS lookup is usually 5 seconds so the system
will try ns1, time out after 5 seconds and then use ns2.

Regards,
Dennis
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 09:31 PM
Les Mikesell
 
Default DNS lookup delay with centos & postfix

On Wed, Jul 25, 2012 at 4:25 PM, Dennis Jacobfeuerborn
<dennisml@conversis.de> wrote:
> On 07/25/2012 10:57 PM, Steve Lindemann wrote:
>> I'm a bit baffled by this and I'm looking for ideas...
>>
>> background:
>> two DNS servers (ns1 & ns2)(64bit CentOS 5.8)
>> one email server (64bit CentOS 5.8 & postfix 2.3.3)
>> one nagios server (64bit CentOS 5.8 & nagios 3.3.1)
>>
>> situation:
>> - all servers configured to use both DNS servers for lookups
>> - ns1 server down for hardware problem
>> - nagios alerts that smtp on email server taking longer than 2 seconds
>> to respond
>> - nagios alert for smtp on email server clears when ns1 returns to service
>>
>> - when I use dig from the email server command line there is no problem
>> or delay when ns1 is offline. It worked without a hitch using ns2.
>>
>> Anyone have any ideas for why nagios would have trouble testing smtp on
>> the email server when the primary dns goes offline? I'm not even sure
>> where to look or who else would make sense to ask the question of on
>> this one. I'd appreciate any insight anyone out there has on this.
>>
>
> The default timeout for a DNS lookup is usually 5 seconds so the system
> will try ns1, time out after 5 seconds and then use ns2.
>

Yes, a delay is normal when the 1st dns server is down. You might
want to run a caching nameserver on your email server (and perhaps
others) so you don't wait for cached addresses. The caching servers
can use the main ones as forwarders if necessary.

--
Les Mikesell
lesmikesell@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 09:47 PM
Steve Lindemann
 
Default DNS lookup delay with centos & postfix

On 7/25/2012 3:21 PM, Tom Brown wrote:
> Does dig use libresolv or read directly from resolv.conf? Also do you have a timeout configured in resolv.conf or are you relying on the os default?

dig uses resolv.conf and no timeouts are configured there. I don't know
there the OS would have a default configured or what it is. Another
reply indicated there would be a 5 second delay. That seems a bit high
to me.

I used dig from the email svr command line with the primary DNS svr up
and (naturally) it pulled from there as normal. Then I downed the
primary DNS svr, saw the nagios check fail and tried again. The same
dig lookup was actually faster and pulled from the secondary DNS svr
just fine. And, again, the nagios alert cleared as soon as the primary
DNS svr was back online.

For both tests I used: dig mx google.com

--
Steve
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 09:55 PM
John R Pierce
 
Default DNS lookup delay with centos & postfix

On 07/25/12 1:57 PM, Steve Lindemann wrote:
> Anyone have any ideas for why nagios would have trouble testing smtp on
> the email server when the primary dns goes offline? I'm not even sure
> where to look or who else would make sense to ask the question of on
> this one. I'd appreciate any insight anyone out there has on this.

DNS lookups default to using 53/udp, and only use 53/tcp for zone
transfers. could it be 53/udp is being lost/blocked between this host
and your ns1 ?



--
john r pierce N 37, W 122
santa cruz ca mid-left coast

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 09:58 PM
Tom Brown
 
Default DNS lookup delay with centos & postfix

> dig uses resolv.conf and no timeouts are configured there. I don't know
> there the OS would have a default configured or what it is. Another
> reply indicated there would be a 5 second delay. That seems a bit high
> to me.
>
> I used dig from the email svr command line with the primary DNS svr up
> and (naturally) it pulled from there as normal. Then I downed the
> primary DNS svr, saw the nagios check fail and tried again. The same
> dig lookup was actually faster and pulled from the secondary DNS svr
> just fine. And, again, the nagios alert cleared as soon as the primary
> DNS svr was back online.
>
> For both tests I used: dig mx google.com

i would always have a timeout in your resolv.conf rather than relying
on the OS default.

Set that to 1 second and test again to see if there is any difference.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 10:23 PM
Steve Lindemann
 
Default DNS lookup delay with centos & postfix

On 7/25/2012 3:55 PM, John R Pierce wrote:
> On 07/25/12 1:57 PM, Steve Lindemann wrote:
>> Anyone have any ideas for why nagios would have trouble testing smtp on
>> the email server when the primary dns goes offline? I'm not even sure
>> where to look or who else would make sense to ask the question of on
>> this one. I'd appreciate any insight anyone out there has on this.
>
> DNS lookups default to using 53/udp, and only use 53/tcp for zone
> transfers. could it be 53/udp is being lost/blocked between this host
> and your ns1 ?
>

good question but unlikely... all the servers are in the same dmz and
sit on the same switch.
--
Steve
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-25-2012, 10:29 PM
Steve Lindemann
 
Default DNS lookup delay with centos & postfix

On 7/25/2012 3:58 PM, Tom Brown wrote:
>> dig uses resolv.conf and no timeouts are configured there. I don't know
>> there the OS would have a default configured or what it is. Another
>> reply indicated there would be a 5 second delay. That seems a bit high
>> to me.
>>
>> I used dig from the email svr command line with the primary DNS svr up
>> and (naturally) it pulled from there as normal. Then I downed the
>> primary DNS svr, saw the nagios check fail and tried again. The same
>> dig lookup was actually faster and pulled from the secondary DNS svr
>> just fine. And, again, the nagios alert cleared as soon as the primary
>> DNS svr was back online.
>>
>> For both tests I used: dig mx google.com
>
> i would always have a timeout in your resolv.conf rather than relying
> on the OS default.
>
> Set that to 1 second and test again to see if there is any difference.

and that sounds like the best solution so far. I hadn't considered
that... haven't look at that file in ages.

I do like knowing why something doesn't work, but I'm good with just
getting it to work too. I'll give this a try, thanks!
--
Steve
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-26-2012, 01:27 AM
"Joseph L. Casale"
 
Default DNS lookup delay with centos & postfix

>DNS lookups default to using 53/udp, and only use 53/tcp for zone
>transfers. could it be 53/udp is being lost/blocked between this host
>and your ns1 ?

Unfortunately that is a common misconception.

Tcp is used far more often than "only" as stated such as for size of request
exceeding udp response size etc...

Bottom line is both ports are needed, not just for zone xfers.

jlc
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 06:11 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org