FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 07-01-2010, 05:42 PM
Tom Horsley
 
Default nscd cacher problem

Unfortunately, enabling or disabling IPV6 doesn't seem to have
much to do with the library doing V6 DNS lookups. I could
swear there was something added to nsswitch.conf or resolv.conf
that you could set to disable v6 dns requests, but I can't
remember what it was called.

I run bind as a caching nameserver, forwarding lookups to my
ISP's server and set the -4 option on the command line to
make it stick to ipv4 and all my DNS lookup problems vanished.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-01-2010, 06:20 PM
JD
 
Default nscd cacher problem

On 07/01/2010 10:42 AM, Tom Horsley wrote:
> Unfortunately, enabling or disabling IPV6 doesn't seem to have
> much to do with the library doing V6 DNS lookups. I could
> swear there was something added to nsswitch.conf or resolv.conf
> that you could set to disable v6 dns requests, but I can't
> remember what it was called.
>
> I run bind as a caching nameserver, forwarding lookups to my
> ISP's server and set the -4 option on the command line to
> make it stick to ipv4 and all my DNS lookup problems vanished.
bind is too complex to run and maintain.
Really, it is a huge overkill for what I need.

I hope nscd authors will fix it soon so it does not
purge it's cache every few seconds. I check'ed it's
config file and the
restart-interval 3600
seems reasonable.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-01-2010, 06:38 PM
Jurek Bajor
 
Default nscd cacher problem

On 07/01/2010 10:42 AM, Tom Horsley wrote:
> Unfortunately, enabling or disabling IPV6 doesn't seem to have
> much to do with the library doing V6 DNS lookups. I could
> swear there was something added to nsswitch.conf or resolv.conf
> that you could set to disable v6 dns requests, but I can't
> remember what it was called.
>
> I run bind as a caching nameserver, forwarding lookups to my
> ISP's server and set the -4 option on the command line to
> make it stick to ipv4 and all my DNS lookup problems vanished.
>> bind is too complex to run and maintain.
>> Really, it is a huge overkill for what I need.

>> I hope nscd authors will fix it soon so it does not
>> purge it's cache every few seconds. I check'ed it's
>> config file and the
>> restart-interval 3600
>> seems reasonable.

Hi,
I think that the default "restart-interval 3600", that is 3600
secs = 1hr,
is a low/impractical value. I mean you want to keep your cache for much longer,
perhaps a week or more ... It is why one wanted it in the first place.

Btw, there is a very good alternative (to BIND, etc) for DNS caching, namely
dnsmasq package. It is simpler, easier on resources.
I switched from bind to it and it serves me well.
It is part of F13, used in other distros (Slackware, etc).
> yum info dnsmasq
Jurek
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-01-2010, 06:45 PM
JD
 
Default nscd cacher problem

On 07/01/2010 11:38 AM, Jurek Bajor wrote:
> On 07/01/2010 10:42 AM, Tom Horsley wrote:
>> Unfortunately, enabling or disabling IPV6 doesn't seem to have
>> much to do with the library doing V6 DNS lookups. I could
>> swear there was something added to nsswitch.conf or resolv.conf
>> that you could set to disable v6 dns requests, but I can't
>> remember what it was called.
>>
>> I run bind as a caching nameserver, forwarding lookups to my
>> ISP's server and set the -4 option on the command line to
>> make it stick to ipv4 and all my DNS lookup problems vanished.
>>> bind is too complex to run and maintain.
>>> Really, it is a huge overkill for what I need.
>>> I hope nscd authors will fix it soon so it does not
>>> purge it's cache every few seconds. I check'ed it's
>>> config file and the
>>> restart-interval 3600
>>> seems reasonable.
> Hi,
> I think that the default "restart-interval 3600", that is 3600
> secs = 1hr,
> is a low/impractical value. I mean you want to keep your cache for much longer,
> perhaps a week or more ... It is why one wanted it in the first place.
>
> Btw, there is a very good alternative (to BIND, etc) for DNS caching, namely
> dnsmasq package. It is simpler, easier on resources.
> I switched from bind to it and it serves me well.
> It is part of F13, used in other distros (Slackware, etc).
>> yum info dnsmasq
> Jurek
I had used dnsmasq, but it also suffered from the same problem I am
having with nscd.
I will try to set the interval to a longer time and see if that helps.

Cheers,

JD
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-01-2010, 06:49 PM
JD
 
Default nscd cacher problem

On 07/01/2010 11:38 AM, Jurek Bajor wrote:
> On 07/01/2010 10:42 AM, Tom Horsley wrote:
>> Unfortunately, enabling or disabling IPV6 doesn't seem to have
>> much to do with the library doing V6 DNS lookups. I could
>> swear there was something added to nsswitch.conf or resolv.conf
>> that you could set to disable v6 dns requests, but I can't
>> remember what it was called.
>>
>> I run bind as a caching nameserver, forwarding lookups to my
>> ISP's server and set the -4 option on the command line to
>> make it stick to ipv4 and all my DNS lookup problems vanished.
>>> bind is too complex to run and maintain.
>>> Really, it is a huge overkill for what I need.
>>> I hope nscd authors will fix it soon so it does not
>>> purge it's cache every few seconds. I check'ed it's
>>> config file and the
>>> restart-interval 3600
>>> seems reasonable.
> Hi,
> I think that the default "restart-interval 3600", that is 3600
> secs = 1hr,
> is a low/impractical value. I mean you want to keep your cache for much longer,
> perhaps a week or more ... It is why one wanted it in the first place.
>
> Btw, there is a very good alternative (to BIND, etc) for DNS caching, namely
> dnsmasq package. It is simpler, easier on resources.
> I switched from bind to it and it serves me well.
> It is part of F13, used in other distros (Slackware, etc).
>> yum info dnsmasq
> Jurek
Is there a way to query nscd and ask it what's in it's cache?


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-01-2010, 07:20 PM
Jurek Bajor
 
Default nscd cacher problem

...
> Is there a way to query nscd and ask it what's in it's cache?

Hi,
have not used it, but quick lookup below may help ?

man nscd
> nscd --help
> nscd -g | --statistics
> nscd -d | --debug
> ls -al /var/db/nscd/

Trobleshooting Name Service Information

Each name service provides tool for acquiring information stored
within it. The problem is that it displays only information pertinent
to a particular name service without understanding of the influence of
/etc/nsswitch.conf on the real behavior of the system. To solve this
problem Selecting the correct In Solaris the getent utility provides
a generic retrieval interface to search several name service databases
in the order in which they are specified in/etc/nsswitch.conf.

Usage of the getent utility instead of service specific utilities like
nslookup, dig, ypmatch, etc can reduce troubleshooting time when
isolating name service malfunctions.

man getent

Jurek
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-01-2010, 09:06 PM
JD
 
Default nscd cacher problem

On 07/01/2010 12:20 PM, Jurek Bajor wrote:
> ls -al/var/db/nscd/
Thanx,
Doing sudo strings /var/db/nscd/hosts
showed the cached host names, prepended by their IP addresses.

Cheers,

JD
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-02-2010, 01:05 AM
Rick Stevens
 
Default nscd cacher problem

On 07/01/2010 11:20 AM, JD wrote:
> On 07/01/2010 10:42 AM, Tom Horsley wrote:
>> Unfortunately, enabling or disabling IPV6 doesn't seem to have
>> much to do with the library doing V6 DNS lookups. I could
>> swear there was something added to nsswitch.conf or resolv.conf
>> that you could set to disable v6 dns requests, but I can't
>> remember what it was called.
>>
>> I run bind as a caching nameserver, forwarding lookups to my
>> ISP's server and set the -4 option on the command line to
>> make it stick to ipv4 and all my DNS lookup problems vanished.
> bind is too complex to run and maintain.
> Really, it is a huge overkill for what I need.
>
> I hope nscd authors will fix it soon so it does not
> purge it's cache every few seconds. I check'ed it's
> config file and the
> restart-interval 3600
> seems reasonable.

Please check the "positive-time-to-live" option in the "hosts" section
of /etc/nscd.conf and make sure it's set to 3600.

"restart-interval" is only of use if you have "paranoia" set to "yes".
It's set to "no" by default, so "restart-interval" isn't even used.
"man nscd.conf" for further info. I think these are where your problems
are. I use nscd assiduously and it doesn't behave like that for me.

If you really want to disable IPV6, edit
/etc/modprobe.conf/blacklist.conf and add a line:

blacklist ipv6

Go through any /etc/sysconfig/network-scripts/ifcfg-* scripts and if
you see any "IPV6INIT=" or "IPV6_AUTOCONF=" lines, make sure they're set
to "no". Finally, edit /etc/sysconfig/network and if you see a
"NETWORKING_IPV6=yes" line, either remove it or set it to "no". Reboot
and ipv6 goes bye-bye.

Sidenote: Of course, 'twould be better if all ISPs did IPV6 correctly.
We WILL need it eventually.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, C2 Hosting ricks@nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- All generalizations are false. -
----------------------------------------------------------------------
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-02-2010, 02:07 AM
JD
 
Default nscd cacher problem

On 07/01/2010 06:05 PM, Rick Stevens wrote:
> On 07/01/2010 11:20 AM, JD wrote:
>> On 07/01/2010 10:42 AM, Tom Horsley wrote:
>>> Unfortunately, enabling or disabling IPV6 doesn't seem to have
>>> much to do with the library doing V6 DNS lookups. I could
>>> swear there was something added to nsswitch.conf or resolv.conf
>>> that you could set to disable v6 dns requests, but I can't
>>> remember what it was called.
>>>
>>> I run bind as a caching nameserver, forwarding lookups to my
>>> ISP's server and set the -4 option on the command line to
>>> make it stick to ipv4 and all my DNS lookup problems vanished.
>> bind is too complex to run and maintain.
>> Really, it is a huge overkill for what I need.
>>
>> I hope nscd authors will fix it soon so it does not
>> purge it's cache every few seconds. I check'ed it's
>> config file and the
>> restart-interval 3600
>> seems reasonable.
> Please check the "positive-time-to-live" option in the "hosts" section
> of /etc/nscd.conf and make sure it's set to 3600.
I edited /etc/nscd.conf and set
positive-time-to-live 3600

and I was no longer able to restart nscd service.
I commented that line out, and I was able to restart it.

> "restart-interval" is only of use if you have "paranoia" set to "yes".
> It's set to "no" by default, so "restart-interval" isn't even used.
> "man nscd.conf" for further info. I think these are where your problems
> are. I use nscd assiduously and it doesn't behave like that for me.
>
> If you really want to disable IPV6, edit
> /etc/modprobe.conf/blacklist.conf and add a line:
>
> blacklist ipv6
You mean /etc/modprobe.d/blacklist.conf
OK. I did that. But that was not the issue
that was causing me any problems with nscd.
> Go through any /etc/sysconfig/network-scripts/ifcfg-* scripts and if
> you see any "IPV6INIT=" or "IPV6_AUTOCONF=" lines, make sure they're set
> to "no". Finally, edit /etc/sysconfig/network and if you see a
> "NETWORKING_IPV6=yes" line, either remove it or set it to "no". Reboot
> and ipv6 goes bye-bye.
My /etc/sysconfig/networking/devices/ifcfg-ra0 already has:

IPV6INIT=no

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 07-02-2010, 02:34 AM
Tim
 
Default nscd cacher problem

On Thu, 2010-07-01 at 11:20 -0700, JD wrote:
> bind is too complex to run and maintain.

It might be difficult to set up (I don't think so, though), but requires
no real maintenance. And changes to the root servers would be provided
to you by yum updates. The rests looks after itself.

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 03:15 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org