FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 05-16-2012, 02:11 AM
JD
 
Default nscd and DNS cache

I have nscd running.
/etc/resolv.conf starts out with
nameserver 127.0.0.1
nameserver 192.168.1.254


The 192.168.1.254 is the router, which has been a fast and reliable
resolver.


So, to test nscd caching behavior,
I browse (using FF) over to any website.
After some time, the address is resolved and the page comes up.
I kill the tab of the page, and open a new tab and aim the browser
at same url. Browser again says: looking up whatever....com and takes
several seconds to resolve it.

I thought that nscd is supposed to cache the translation from the
first lookup.

Am I to believe that the browser is NOT using /etc/resolv.conf?
If not, what is it using?
Or could it be that nscd is useless in this respect?

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 04:20 AM
Ed Greshko
 
Default nscd and DNS cache

On 05/16/2012 10:11 AM, JD wrote:
> I have nscd running.
> /etc/resolv.conf starts out with
> nameserver 127.0.0.1
> nameserver 192.168.1.254
>
>
> The 192.168.1.254 is the router, which has been a fast and reliable resolver.
>
> So, to test nscd caching behavior,
> I browse (using FF) over to any website.
> After some time, the address is resolved and the page comes up.
> I kill the tab of the page, and open a new tab and aim the browser
> at same url. Browser again says: looking up whatever....com and takes
> several seconds to resolve it.
>
> I thought that nscd is supposed to cache the translation from the
> first lookup.
>
> Am I to believe that the browser is NOT using /etc/resolv.conf?
> If not, what is it using?
> Or could it be that nscd is useless in this respect?
>

I've not looked at nscd in a long time....but I never could see the value in it and
never could get it to what I thought was a working or useful configuration for my needs.

No browser or application uses resolv.conf directly. They make calls to the resolver
libraries which in turn use it.

IMO, if your router does caching name services there really is no benefit to having
systems do their own caching since the overhead of local requests should be small.
However, it seems that your router may not be caching since it is taking several seconds.

In cases where the router isn't doing caching, or is doing it poorly, I prefer to
simply run bind on a single server and point all the systems to it for resolution.

With the current Fedora systems this is easy. All one need to do is install bind and
bind-chroot and enable/start the service. On the "bind" host all you need is
127.0.0.1 defined as a nameserver. Then, if you use a tool such as "wireshark" you
will see that requests will only go out if the answer is not in the cache or the TTL
has expired.

--
Never be afraid to laugh at yourself, after all, you could be missing out on the joke
of the century. -- Dame Edna Everage
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 06:54 AM
JD
 
Default nscd and DNS cache

On Tue, May 15, 2012 at 9:20 PM, Ed Greshko <Ed.Greshko@greshko.com> wrote:
> On 05/16/2012 10:11 AM, JD wrote:
>> I have nscd running.
>> /etc/resolv.conf starts out with
>> nameserver 127.0.0.1
>> nameserver 192.168.1.254
>>
>>
>> The 192.168.1.254 is the router, which has been a fast and reliable resolver.
>>
>> So, to test nscd caching behavior,
>> I browse (using FF) over to any website.
>> After some time, the address is resolved and the page comes up.
>> I kill the tab of the page, and open a new tab and aim the browser
>> at same url. Browser again says: looking up whatever....com and takes
>> several seconds to resolve it.
>>
>> I thought that nscd is supposed to cache the translation from the
>> first lookup.
>>
>> Am I to believe that the browser is NOT using /etc/resolv.conf?
>> If not, what is it using?
>> Or could it be that nscd is useless in this respect?
>>
>
> I've not looked at nscd in a long time....but I never could see the value in it and
> never could get it to what I thought was a working or useful configuration for my needs.
>
> No browser or application uses resolv.conf directly. *They make calls to the resolver
> libraries which in turn use it.
>
> IMO, if your router does caching name services there really is no benefit to having
> systems do their own caching since the overhead of local requests should be small.
> However, it seems that your router may not be caching since it is taking several seconds.
>
> In cases where the router isn't doing caching, or is doing it poorly, I prefer to
> simply run bind on a single server and point all the systems to it for resolution.
>
> With the current Fedora systems this is easy. *All one need to do is install bind and
> bind-chroot and enable/start the service. *On the "bind" host all you need is
> 127.0.0.1 defined as a nameserver. *Then, if you use a tool such as "wireshark" you
> will see that requests will only go out if the answer is not in the cache or the TTL
> has expired.
>
I understand the libs are what make calls to the resolver. But even
the resolver must look
at /etc/resolv.conf. If it is empty, NOTHING gets resolved.
I was using nscd thinking it is a lightweight caching resolver. But as
it turns out it is useless.
Time for fedora to bury it
Re: My router: it does very little if any caching - and has no
configuration for it at all.

I will try bind.

Thanx Ed.

JD
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 07:10 AM
Siddhesh Poyarekar
 
Default nscd and DNS cache

On 16 May 2012 07:41, JD <jd1008@gmail.com> wrote:
> I have nscd running.
> /etc/resolv.conf starts out with
> nameserver 127.0.0.1
> nameserver 192.168.1.254
>
>
> The 192.168.1.254 is the router, which has been a fast and reliable
> resolver.
>
> So, to test nscd caching behavior,
> I browse (using FF) over to any website.
> After some time, the address is resolved and the page comes up.
> I kill the tab of the page, and open a new tab and aim the browser
> at same url. Browser again says: looking up whatever....com and takes
> several seconds to resolve it.
>
> I thought that nscd is supposed to cache the translation from the
> first lookup.
>
> Am I to believe that the browser is NOT using /etc/resolv.conf?
> If not, what is it using?
> Or could it be that nscd is useless in this respect?

nscd should cache host lookups if it is configured correctly. Run nscd
-g to see caching statistics and see if they tally with your usage. If
all of them are misses then you need to run nscd in debug mode with
'nscd -d' to see why the caching is not working. Make sure you
increase the value of debug-level to get verbose messages.

An easy test is to use 'getent hosts <hostname>' and 'getent ahosts
<hostname>' and study the nscd logs to see if you get a cache miss
everytime.


--
Siddhesh Poyarekar
http://siddhesh.in
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 07:29 AM
Ed Greshko
 
Default nscd and DNS cache

On 05/16/2012 02:54 PM, JD wrote:
> I understand the libs are what make calls to the resolver. But even
> the resolver must look
> at /etc/resolv.conf.

Well, you did say: "Am I to believe that the browser is NOT using /etc/resolv.conf"
which to me reads that you were thinking that somehow the browser itself should be
using resolv.conf. I'm sorry if I misread what you wrote.

> If it is empty, NOTHING gets resolved.

Not "entirely" true.

With named not running.....

[egreshko@f16-1 ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
#search greshko.com
#nameserver 192.168.0.55

[egreshko@f16-1 ~]$ ping misty
PING misty (192.168.0.55) 56(84) bytes of data.
64 bytes from misty (192.168.0.55): icmp_req=1 ttl=64 time=1.99 ms

since /etc/nsswitch.conf contains

hosts: files dns

and /etc/hosts contains

192.168.0.55 misty

if you take the "files" out of the hosts line....then NOTHING gets resolved.

> I was using nscd thinking it is a lightweight caching resolver. But as
> it turns out it is useless.
> Time for fedora to bury it
> Re: My router: it does very little if any caching - and has no
> configuration for it at all.
>
> I will try bind.

I've not used it....but have heard good things about dnsmasq which, according to yum
info, is A lightweight DHCP/caching DNS server.


--
Never be afraid to laugh at yourself, after all, you could be missing out on the joke
of the century. -- Dame Edna Everage
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 08:11 AM
JD
 
Default nscd and DNS cache

On 05/16/2012 01:10 AM, Siddhesh Poyarekar wrote:

On 16 May 2012 07:41, JD<jd1008@gmail.com> wrote:

I have nscd running.
/etc/resolv.conf starts out with
nameserver 127.0.0.1
nameserver 192.168.1.254


The 192.168.1.254 is the router, which has been a fast and reliable
resolver.

So, to test nscd caching behavior,
I browse (using FF) over to any website.
After some time, the address is resolved and the page comes up.
I kill the tab of the page, and open a new tab and aim the browser
at same url. Browser again says: looking up whatever....com and takes
several seconds to resolve it.

I thought that nscd is supposed to cache the translation from the
first lookup.

Am I to believe that the browser is NOT using /etc/resolv.conf?
If not, what is it using?
Or could it be that nscd is useless in this respect?

nscd should cache host lookups if it is configured correctly. Run nscd
-g to see caching statistics and see if they tally with your usage. If
all of them are misses then you need to run nscd in debug mode with
'nscd -d' to see why the caching is not working. Make sure you
increase the value of debug-level to get verbose messages.

An easy test is to use 'getent hosts<hostname>' and 'getent ahosts
<hostname>' and study the nscd logs to see if you get a cache miss
everytime.

When I have more time I might debug it.
Perhaps you have more time on your hands?

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 08:27 AM
JD
 
Default nscd and DNS cache

On 05/16/2012 01:29 AM, Ed Greshko wrote:

On 05/16/2012 02:54 PM, JD wrote:

I understand the libs are what make calls to the resolver. But even
the resolver must look
at /etc/resolv.conf.

Well, you did say: "Am I to believe that the browser is NOT using /etc/resolv.conf"
which to me reads that you were thinking that somehow the browser itself should be
using resolv.conf. I'm sorry if I misread what you wrote.


If it is empty, NOTHING gets resolved.

Not "entirely" true.

With named not running.....

[egreshko@f16-1 ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
#search greshko.com
#nameserver 192.168.0.55

[egreshko@f16-1 ~]$ ping misty
PING misty (192.168.0.55) 56(84) bytes of data.
64 bytes from misty (192.168.0.55): icmp_req=1 ttl=64 time=1.99 ms

since /etc/nsswitch.conf contains

hosts: files dns

and /etc/hosts contains

192.168.0.55 misty

if you take the "files" out of the hosts line....then NOTHING gets resolved.

nsswitch comes out of the box with files listed first for hosts resolution.
I do not modify it.



I was using nscd thinking it is a lightweight caching resolver. But as
it turns out it is useless.
Time for fedora to bury it
Re: My router: it does very little if any caching - and has no
configuration for it at all.

I will try bind.

I've not used it....but have heard good things about dnsmasq which, according to yum
info, is A lightweight DHCP/caching DNS server.

I have used dnsmasq as well, and communicated with it's author
a couple of years ago.
But as I recall, it did not seem to help much, as I observed that
browsing to a website with just a couple of minutes lapse time,
FF showed on the status line it was looking up the domain.
Perhaps the cache expiry was set to a very short time?


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 08:33 AM
fedora
 
Default nscd and DNS cache

... or try dnsmasq

suomi

On 05/16/2012 08:54 AM, JD wrote:

On Tue, May 15, 2012 at 9:20 PM, Ed Greshko<Ed.Greshko@greshko.com> wrote:

On 05/16/2012 10:11 AM, JD wrote:

I have nscd running.
/etc/resolv.conf starts out with
nameserver 127.0.0.1
nameserver 192.168.1.254


The 192.168.1.254 is the router, which has been a fast and reliable resolver.

So, to test nscd caching behavior,
I browse (using FF) over to any website.
After some time, the address is resolved and the page comes up.
I kill the tab of the page, and open a new tab and aim the browser
at same url. Browser again says: looking up whatever....com and takes
several seconds to resolve it.

I thought that nscd is supposed to cache the translation from the
first lookup.

Am I to believe that the browser is NOT using /etc/resolv.conf?
If not, what is it using?
Or could it be that nscd is useless in this respect?



I've not looked at nscd in a long time....but I never could see the value in it and
never could get it to what I thought was a working or useful configuration for my needs.

No browser or application uses resolv.conf directly. They make calls to the resolver
libraries which in turn use it.

IMO, if your router does caching name services there really is no benefit to having
systems do their own caching since the overhead of local requests should be small.
However, it seems that your router may not be caching since it is taking several seconds.

In cases where the router isn't doing caching, or is doing it poorly, I prefer to
simply run bind on a single server and point all the systems to it for resolution.

With the current Fedora systems this is easy. All one need to do is install bind and
bind-chroot and enable/start the service. On the "bind" host all you need is
127.0.0.1 defined as a nameserver. Then, if you use a tool such as "wireshark" you
will see that requests will only go out if the answer is not in the cache or the TTL
has expired.


I understand the libs are what make calls to the resolver. But even
the resolver must look
at /etc/resolv.conf. If it is empty, NOTHING gets resolved.
I was using nscd thinking it is a lightweight caching resolver. But as
it turns out it is useless.
Time for fedora to bury it
Re: My router: it does very little if any caching - and has no
configuration for it at all.

I will try bind.

Thanx Ed.

JD

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 09:18 AM
Daniel Bossert
 
Default nscd and DNS cache

fedora skrev 16.05.12 10:33:
> ... or try dnsmasq
>
> suomi
>
> On 05/16/2012 08:54 AM, JD wrote:
>> On Tue, May 15, 2012 at 9:20 PM, Ed Greshko<Ed.Greshko@greshko.com>
>> wrote:
>>> On 05/16/2012 10:11 AM, JD wrote:
>>>> I have nscd running.
>>>> /etc/resolv.conf starts out with
>>>> nameserver 127.0.0.1
>>>> nameserver 192.168.1.254
>>>>
>>>>
>>>> The 192.168.1.254 is the router, which has been a fast and reliable
>>>> resolver.
>>>>
>>>> So, to test nscd caching behavior,
>>>> I browse (using FF) over to any website.
>>>> After some time, the address is resolved and the page comes up.
>>>> I kill the tab of the page, and open a new tab and aim the browser
>>>> at same url. Browser again says: looking up whatever....com and takes
>>>> several seconds to resolve it.
>>>>
>>>> I thought that nscd is supposed to cache the translation from the
>>>> first lookup.
>>>>
>>>> Am I to believe that the browser is NOT using /etc/resolv.conf?
>>>> If not, what is it using?
>>>> Or could it be that nscd is useless in this respect?
>>>>
>>>
>>> I've not looked at nscd in a long time....but I never could see the
>>> value in it and
>>> never could get it to what I thought was a working or useful
>>> configuration for my needs.
>>>
>>> No browser or application uses resolv.conf directly. They make
>>> calls to the resolver
>>> libraries which in turn use it.
>>>
>>> IMO, if your router does caching name services there really is no
>>> benefit to having
>>> systems do their own caching since the overhead of local requests
>>> should be small.
>>> However, it seems that your router may not be caching since it is
>>> taking several seconds.
>>>
>>> In cases where the router isn't doing caching, or is doing it
>>> poorly, I prefer to
>>> simply run bind on a single server and point all the systems to it
>>> for resolution.
>>>
>>> With the current Fedora systems this is easy. All one need to do is
>>> install bind and
>>> bind-chroot and enable/start the service. On the "bind" host all
>>> you need is
>>> 127.0.0.1 defined as a nameserver. Then, if you use a tool such as
>>> "wireshark" you
>>> will see that requests will only go out if the answer is not in the
>>> cache or the TTL
>>> has expired.
>>>
>> I understand the libs are what make calls to the resolver. But even
>> the resolver must look
>> at /etc/resolv.conf. If it is empty, NOTHING gets resolved.
>> I was using nscd thinking it is a lightweight caching resolver. But as
>> it turns out it is useless.
>> Time for fedora to bury it
>> Re: My router: it does very little if any caching - and has no
>> configuration for it at all.
>>
>> I will try bind.
>>
>> Thanx Ed.
>>
>> JD
HI
Why do you have 127.0.0.1 in /etc/resolv.conf? Could it be that your
computer ask himself to resolv this ip and as he can't do that then he
get to your router and ask?
Do you have the same behaviour when only your router's ip adress is in
/etc/resolv.conf?

kind regards
Daniel
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 05-16-2012, 09:26 AM
JD
 
Default nscd and DNS cache

On 05/16/2012 01:29 AM, Ed Greshko wrote:

On 05/16/2012 02:54 PM, JD wrote:

I understand the libs are what make calls to the resolver. But even
the resolver must look
at /etc/resolv.conf.

Well, you did say: "Am I to believe that the browser is NOT using /etc/resolv.conf"
which to me reads that you were thinking that somehow the browser itself should be
using resolv.conf. I'm sorry if I misread what you wrote.


If it is empty, NOTHING gets resolved.

Not "entirely" true.

With named not running.....

[egreshko@f16-1 ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
#search greshko.com
#nameserver 192.168.0.55

[egreshko@f16-1 ~]$ ping misty
PING misty (192.168.0.55) 56(84) bytes of data.
64 bytes from misty (192.168.0.55): icmp_req=1 ttl=64 time=1.99 ms

since /etc/nsswitch.conf contains

hosts: files dns

and /etc/hosts contains

192.168.0.55 misty

if you take the "files" out of the hosts line....then NOTHING gets resolved.


I was using nscd thinking it is a lightweight caching resolver. But as
it turns out it is useless.
Time for fedora to bury it
Re: My router: it does very little if any caching - and has no
configuration for it at all.

I will try bind.

I've not used it....but have heard good things about dnsmasq which, according to yum
info, is A lightweight DHCP/caching DNS server.



ps -ef | grep dnsmasq
nobody 2344 1 0 May14 ? 00:00:00 /usr/sbin/dnsmasq
--strict-order --bind-interfaces
--pid-file=/var/run/libvirt/network/default.pid --conf-file=
--except-interface lo --listen-address 192.168.122.1 --dhcp-range
192.168.122.2,192.168.122.254
--dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases
--dhcp-lease-max=253 --dhcp-no-override


where is dnsmask starter script? I looked in /lib/systemd/system and do
not find these arguments
there nor in the env file listed in the start systemd start script. Also
checked /etc/systemd/system
Nothing there that betrays these args, Seems that it is started by some
other service?? Like vboxnet?



--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 

Thread Tools




All times are GMT. The time now is 06:47 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org