Re: [gentoo-server] Slow nameresolution with bind

Fri, 05 Mar 2010 12:08:39 -0800 

Am Freitag, den 05.03.2010, 10:59 +0100 schrieb Christian Bricart:
> Alexander Zimmerling wrote:
> > Hi guys,
> >
> > I am sitting here with my new gentoo server. At the moment I struggle
> > with bind. The problem is known, but I cannot solve it without help.
> 
> > [..]
> 
> have you tried to point upstream resolving to your provider's nameservers
> rather than always asking the root-nameservers..?
> 
> try adding:
> 
>   ..
>   forwarders {
>     8.8.8.8;
>     8.8.4.4;
>   };
>   ..
> 
> to the "options { ..}"-block in your /etc/bind/named.conf - which will
> then ask the Google-DNS cluster for unknown/uncached RR.
> You may also specify your provider's DNS IPs there to have an even shorter
> round-trip for lookups.
> 
> > P.S.: I've found a similar "bug" in bugzilla
> > (http://bugs.gentoo.org/show_bug.cgi?id=269202) but w/o resolution.
> 
> i doubt that your problem is IPv6 related.
> 
> Christian
> 
> 

Hi Christian,

find below my current (nearly copied) named.conf.
As you can see, forwarders are defined (a router, connected to the
internet). Name-resolution works like a charm in dmz (using the router).

<snip>

Tartessos ~ # cat /etc/bind/named.conf
//azi 2010 02 28
include "/etc/bind/log.conf";
options {
        directory "/var/bind";

        // uncomment the following lines to turn on DNS forwarding,
        // and change the forwarding ip address(es) :
        //forward first;
        forwarders {
                #192.168.0.3;
                192.168.5.1;
        };

//azi 2010 03 03
        listen-on-v6 { none; };
        listen-on { 127.0.0.1;
                    192.168.0.5;
        };

        // to allow only specific hosts to use the DNS server:
        allow-query {
                127.0.0.1;
                192.168.0.0/24;
        };

        auth-nxdomain yes;
        notify no;

        // if you have problems and are behind a firewall:
        //query-source address * port 53;
        pid-file "/var/run/named/named.pid";
        
        zone-statistics yes;
        statistics-file "/var/log/named.stats";
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        allow-update { none; };
        notify no;
};

zone "127.in-addr.arpa" IN {
        type master;
        file "pri/127.zone";
        allow-update { none; };
        notify no;
};

};


<snap>

I've added the provided forwarders, which -in deed- speeds up
name-resolution. Some queries are still slow, but I guess, this is ok.
Thanks for your help.

Have a nice weekend

- Alex

Reply via email to