On Wed, Nov 06, 2013 at 02:11:11PM +0100, mourik jan heupink wrote: > Hi all, > > We are seeing strange delays in dns resolving with apt-get and wget. > Tried various public dns servers (for example google dns, opendns) > I used tcpdump to see what actually happens, and we found out that > apt-get makes two requests for security.debian.org: > standard query A > and > standard query AAAA > But only the first query is answered... > > Five seconds later, apt-get asks the same AGAIN, but this time waits > for an answer, and obtains both A and AAAA addresses: > >No. Time Source Destination Protocol Info > > 1 0.000000 192.87.143.xx 8.8.8.8 DNS > > Standard query A security.debian.org > > 2 0.000018 192.87.143.xx 8.8.8.8 DNS > > Standard query AAAA security.debian.org > > 3 0.025487 8.8.8.8 192.87.143.xx DNS > > Standard query response A 212.211.132.250 A 212.211.132.32 A 195.20.242.89 > > 4 5.004465 192.87.143.xx 8.8.8.8 DNS > > Standard query A security.debian.org > > 5 5.005530 8.8.8.8 192.87.143.xx DNS > > Standard query response A 212.211.132.250 A 212.211.132.32 A 195.20.242.89 > > 6 5.005601 192.87.143.xx 8.8.8.8. DNS > > Standard query AAAA security.debian.org > > 7 5.030211 8.8.8.8 192.87.143.xx DNS > > Standard query response AAAA 2001:8d8:580:400:6564:a62:0:2 AAAA > > 2001:a78:5:1:216:35ff:fe7f:6ceb AAAA 2001:a78:5:0:216:35ff:fe7f:be4f > Note: of course security.debian.org has an AAAA record, and my > machine is also 100% ipv6 enabled. (and generally ipv4/ipv6 both > work as expected) > > We see no delays at all when using 'host' to get the info: > > >host ftp.nluug.nl > >ftp.nluug.nl has address 192.87.102.42 > >ftp.nluug.nl has address 192.87.102.43 > >ftp.nluug.nl has IPv6 address 2001:610:1:80aa:192:87:102:43 > >ftp.nluug.nl has IPv6 address 2001:610:1:80aa:192:87:102:42 > >root@ws063:~# > > If we use 'wget' to download files, we see the same behaviour: > > >wget http://ftp.nluug.nl/README.nluug > >--2013-11-06 13:55:54-- http://ftp.nluug.nl/README.nluug > >Resolving ftp.nluug.nl (ftp.nluug.nl)... 192.87.102.43, 192.87.102.42, > >2001:610:1:80aa:192:87:102:42, ... > Just the resolving takes 5 seconds, but the result is good: both > ipv4 and ipv6 addresses are returned. Downloading goes with normal > speed. > > Interestingly: When instructing wget to use ipv4 or ipv6, BOTH work quickly. > > wget -6 http://ftp.nluug.nl/README.nluug > or > > wget -4 http://ftp.nluug.nl/README.nluug > work quick. > > I have also tried setting ipv6-addresses-only in /etc/resolv.conf, > with exactly the same problems/results. > > Can anyone here give me soms tips or clues what could be the problem > here? Really hope someone has a clue...
Perhaps the last test is the most telling. If you don't specify how to look up the domain, it takes a while, but if you say you want an IPv4 or IPv6 address, it's quick. In that case, I'd look at /etc/resolv.conf, /etc/host.conf and /etc/nsswitch.conf. My suspicion is that some other name service is being checked first (ldap, perhaps) and that's timing out. > > Regards, > MJ > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a > subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: http://lists.debian.org/527a3fef.3050...@merit.unu.edu >
signature.asc
Description: Digital signature
