Actually i suspect this problem, which i see too btw. - dns lookups
taking too long - is the same thing a collegue had with his gentoo
workstation a few weeks ago.
The new glibc sends out two dns requests, one for IN A, and one for IN
AAAA at about the same time _and_ with the same source port:
13:49:41.938380 IP 194.97.7.90.44176 > 194.97.173.116.53: 11012+ A?
www.mozilla.com. (33)
13:49:41.938408 IP 194.97.7.90.44176 > 194.97.173.116.53: 19425+ AAAA?
www.mozilla.com. (33)
13:49:41.950645 IP 194.97.173.116.53 > 194.97.7.90.44176: 19425 2/1/0
CNAME[|domain]
only one of these queries is answered as you can see. In a myriad of
tests we found out that its not the nameservers - which i run btw. - but
our firewall (linux 2.6) that has problems coping with that kind of
thing. [1]
As this is really heavily performance impacting for networked
applications and i suspect many firewall implementations to choke on
this i hereby kindly request a debian patch that makes libc6 use
a seperate query port for each DNS query. This is also more secure i
might add. [2]
Stefan
[1] http://www.spinics.net/lists/linux-net/msg16712.html
[2] http://www.faqs.org/rfcs/rfc5452.html
--
printk(KERN_WARNING MYNAM ": (time to go bang on somebodies door)\n");
linux-2.6.6/drivers/message/fusion/mptctl.c
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
