Re: nscd and DNS cache

On 05/18/2012 10:56 AM, Joe Zeff wrote: On 05/18/2012 10:35 AM, JD wrote: On 05/18/2012 10:22 AM, Joe Zeff wrote: On 05/18/2012 12:22 AM, JD wrote: I think that's more tolerable than having to wait anywhere from 10 to 30 seconds to resolve every new name browsed to; (new relative to contents o

Re: nscd and DNS cache

On 05/18/2012 10:35 AM, JD wrote: On 05/18/2012 10:22 AM, Joe Zeff wrote: On 05/18/2012 12:22 AM, JD wrote: I think that's more tolerable than having to wait anywhere from 10 to 30 seconds to resolve every new name browsed to; (new relative to contents of the cache). If the name isn't in your

Re: nscd and DNS cache

On 05/18/2012 10:22 AM, Joe Zeff wrote: On 05/18/2012 12:22 AM, JD wrote: I think that's more tolerable than having to wait anywhere from 10 to 30 seconds to resolve every new name browsed to; (new relative to contents of the cache). If the name isn't in your cache, you're going to have to loo

Re: nscd and DNS cache

On 05/18/2012 12:22 AM, JD wrote: I think that's more tolerable than having to wait anywhere from 10 to 30 seconds to resolve every new name browsed to; (new relative to contents of the cache). If the name isn't in your cache, you're going to have to look it up and using a longer TTL isn't goi

Re: nscd and DNS cache

On Thu, May 17, 2012 at 22:19:26 -0700, JD wrote: I have switched to dnsmasq and so far, it is not too bad. Albeit, it's cache purge algorithm seems to have a very short ttl for any translation - like about 3 to 5 minutes!!! I looked for a configuration in dnsmasq.conf that would force dnsma

Re: nscd and DNS cache

On 05/18/2012 05:52 PM, JD wrote: > > 0.00user 0.00system 0:00.08elapsed 12%CPU (0avgtext+0avgdata 2628maxresident)k > 0inputs+0outputs (0major+743minor)pagefaults 0swaps Yep That is much better BTW, dig is in bind and can be download from http://www.isc.org/software/bind/990/download/b

Re: nscd and DNS cache

On 05/18/2012 02:44 AM, Ed Greshko wrote: On 05/18/2012 05:40 PM, Ed Greshko wrote: I can't see how your router or ISP could add to the "real" time. I suppose you don't have another system to check it Could you try the non-builtin time command? /usr/bin/time dig @8.8.8.8 www.ny.com App

Re: nscd and DNS cache

On 05/18/2012 02:40 AM, Ed Greshko wrote: On 05/18/2012 05:21 PM, JD wrote: That value is good for comparison only as it is not the real time. Take a look at this: time dig @8.8.8.8 www.ny.com ;<<>> DiG 9.8.2-RedHat-9.8.2-1.fc16<<>> @8.8.8.8 www.ny.com ; (1 server found) ;; global options: +

Re: nscd and DNS cache

On 05/18/2012 05:40 PM, Ed Greshko wrote: > I can't see how your router or ISP could add to the "real" time. I suppose > you don't > have another system to check it Could you try the non-builtin time command? /usr/bin/time dig @8.8.8.8 www.ny.com -- Never be afraid to laugh at yourself, a

Re: nscd and DNS cache

On 05/18/2012 05:21 PM, JD wrote: > That value is good for comparison only as it is not > the real time. Take a look at this: > > time dig @8.8.8.8 www.ny.com > > ; <<>> DiG 9.8.2-RedHat-9.8.2-1.fc16 <<>> @8.8.8.8 www.ny.com > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HE

Re: nscd and DNS cache

On 05/18/2012 01:21 AM, Ed Greshko wrote: On 05/18/2012 03:47 PM, JD wrote: I am indeed pointing my resolv.conf to the 2 google nameservers. You're probably right about our home network. I think the router has a very low bandwidth (hardware wise), probably because it doubles up as the decoder fo

Re: nscd and DNS cache

On 05/18/2012 03:47 PM, JD wrote: > I am indeed pointing my resolv.conf to the 2 google > nameservers. > You're probably right about our home network. > I think the router has a very low bandwidth (hardware wise), > probably because it doubles up as the decoder for the TV > contents being viewed on

Re: nscd and DNS cache

On 05/18/2012 12:37 AM, Ed Greshko wrote: On 05/18/2012 03:22 PM, JD wrote: So, what's to prevent someone from simply modifying dnsmasq (or any other open source caching name resolver) to change the expiration time to a value greater than what the owner of the domain wants? Sure it may result in

Re: nscd and DNS cache

On 05/18/2012 03:22 PM, JD wrote: > So, what's to prevent someone from simply modifying dnsmasq > (or any other open source caching name resolver) to change > the expiration time to a value greater than what the owner > of the domain wants? Sure it may result in using stale > ip addresses once in a

Re: nscd and DNS cache

On 05/17/2012 10:49 PM, Ed Greshko wrote: On 05/18/2012 01:35 PM, Ed Greshko wrote: There should not be a configuration for that. If there is, then dnsmasq would be going against the recommendations of the DNS RFCs. The response to a DNS request includes a TTL (Time To Live). According to the R

Re: nscd and DNS cache

On 05/18/2012 01:35 PM, Ed Greshko wrote: > There should not be a configuration for that. If there is, then dnsmasq would > be > going against the recommendations of the DNS RFCs. The response to a DNS > request > includes a TTL (Time To Live). According to the RFC TTL which is the time > t

Re: nscd and DNS cache

On 05/18/2012 01:19 PM, JD wrote: > > > On Thu, May 17, 2012 at 9:46 PM, Gordon Messmer > wrote: > > On 05/17/2012 09:19 PM, JD wrote: > > That's excellent info. contradicts what other people have replied. > > > I also meant to point out that if you select

Re: nscd and DNS cache

On Thu, May 17, 2012 at 9:46 PM, Gordon Messmer wrote: > On 05/17/2012 09:19 PM, JD wrote: > >> That's excellent info. contradicts what other people have replied. >> > > I also meant to point out that if you select nscd rather than a local > caching server, you don't need 127.0.0.1 in resolv.conf

Re: nscd and DNS cache

On 05/17/2012 09:19 PM, JD wrote: That's excellent info. contradicts what other people have replied. I also meant to point out that if you select nscd rather than a local caching server, you don't need 127.0.0.1 in resolv.conf. glibc connects to nscd via a Unix socket rather than via IP. Th

Re: nscd and DNS cache

On Thu, May 17, 2012 at 8:59 PM, Gordon Messmer wrote: > On 05/15/2012 07:11 PM, JD wrote: >> >> I have nscd running. >> /etc/resolv.conf starts out with >> nameserver 127.0.0.1 > > > If you're actually running a local caching name server (bind or dnsmasq), > you don't need nscd.  Running both is

Re: nscd and DNS cache

On 05/15/2012 07:11 PM, JD wrote: I have nscd running. /etc/resolv.conf starts out with nameserver 127.0.0.1 If you're actually running a local caching name server (bind or dnsmasq), you don't need nscd. Running both is overkill. You're going to waste memory by having everything cached in

Re: nscd and DNS cache

On 05/17/2012 03:02 PM, JD wrote: > That was the magic bullett! > Thanx Ed. Welcome... > Strange that Chrome has IPV6 disabled by default, and FF does not. I don't think Chrome has IPv6 disabled...there isn't even a setting for it. I think it just deals with it in a more "intelligent" manner.

Re: nscd and DNS cache

On 05/17/2012 12:21 AM, Ed Greshko wrote: On 05/17/2012 02:06 PM, JD wrote: That value is already set to false. I'm suggesting you set it to "true" to disable IPv6. Yes I did try Chrome. Chrome resolves domain names as fast as nslookup . After I browsed to a domain using Chrome, and it almost

Re: nscd and DNS cache

On 05/17/2012 02:06 PM, JD wrote: > That value is already set to false. I'm suggesting you set it to "true" to disable IPv6. > Yes I did try Chrome. > Chrome resolves domain names as fast as nslookup . > After I browsed to a domain using Chrome, and it almost immediately > resolved and it brought

Re: nscd and DNS cache

On 05/16/2012 06:21 PM, Ed Greshko wrote: On 05/17/2012 03:52 AM, JD wrote: Well, after running dnsmasq with the configuration I just emailed, I see the following behavior of firefox vs. running nslookup on command line. FF, even after resolving google.com only a minute ago, is still spinning s

Re: nscd and DNS cache

On 05/17/2012 03:52 AM, JD wrote: > Well, after running dnsmasq with the configuration I just emailed, > I see the following behavior of firefox vs. running nslookup on command line. > > FF, even after resolving google.com only a minute ago, is still spinning > saying: > lookup up www.google.com >

Re: nscd and DNS cache

On 05/16/2012 10:39 AM, Ed Greshko wrote: On 05/17/2012 12:28 AM, Greg Woods wrote: On Thu, 2012-05-17 at 00:13 +0800, Ed Greshko wrote: when you do a look up on www.cnn.com it will return 4 IP addresses. Now, since bind would have that in its cache it wouldn't have to send out a query. Wh

Re: nscd and DNS cache

On 05/16/2012 12:41 PM, Tom Horsley wrote: On Wed, 16 May 2012 09:42:20 -0600 JD wrote: It isn't useless for me at work: It is the only thing that makes NIS lookups reliable. At some point in time, glibc apparently changed the timeout for NIS to something like 3 nanoseconds :-). 3 ns?? So, wha

Re: nscd and DNS cache

On Wed, 16 May 2012 09:42:20 -0600 JD wrote: > > It isn't useless for me at work: It is the only thing that makes > > NIS lookups reliable. At some point in time, glibc apparently > > changed the timeout for NIS to something like 3 nanoseconds :-). > 3 ns?? So, what did you do to make it work?

Re: nscd and DNS cache

On Wed, May 16, 2012 at 9:13 AM, Ed Greshko wrote: > On 05/16/2012 11:47 PM, JD wrote: >> Interesting point. Hard to believe that  most domain controllers would that. >> Must be a small  percentage? > > I have no idea what percentage it may be.  But 300 seems a bit low > > I'd have to do some

Re: nscd and DNS cache

On 05/17/2012 12:28 AM, Greg Woods wrote: > On Thu, 2012-05-17 at 00:13 +0800, Ed Greshko wrote: >> when you do a look up on www.cnn.com it will return 4 IP >> addresses. Now, since bind would have that in its cache it wouldn't have to >> send out >> a query. What I don't know is if an applicat

Re: nscd and DNS cache

On Thu, 2012-05-17 at 00:13 +0800, Ed Greshko wrote: > when you do a look up on www.cnn.com it will return 4 IP > addresses. Now, since bind would have that in its cache it wouldn't have to > send out > a query. What I don't know is if an application would make a request would > the list > be

Re: nscd and DNS cache

On Wed, 2012-05-16 at 09:47 -0600, JD wrote: > On 05/16/2012 03:33 AM, Ed Greshko wrote: > I've seen cases where the > TTL has been set to as low as 300 seconds. > Interesting point. Hard to believe that most domain controllers would that. > Must be a small percentage? As a DNS administrator,

Re: nscd and DNS cache

On 05/16/2012 11:47 PM, JD wrote: > Interesting point. Hard to believe that most domain controllers would that. > Must be a small percentage? I have no idea what percentage it may be. But 300 seems a bit low I'd have to do some research but it very well may be that sites set their TTL's

Re: nscd and DNS cache

On 05/16/2012 03:33 AM, Ed Greshko wrote: On 05/16/2012 04:27 PM, JD wrote: I have used dnsmasq as well, and communicated with it's author a couple of years ago. But as I recall, it did not seem to help much, as I observed that browsing to a website with just a couple of minutes lapse time, FF s

Re: nscd and DNS cache

On 05/16/2012 03:33 AM, Ed Greshko wrote: On 05/16/2012 04:27 PM, JD wrote: I have used dnsmasq as well, and communicated with it's author a couple of years ago. But as I recall, it did not seem to help much, as I observed that browsing to a website with just a couple of minutes lapse time, FF s

Re: nscd and DNS cache

On 05/16/2012 03:33 AM, Tom Horsley wrote: On Tue, 15 May 2012 23:54:03 -0700 JD wrote: I was using nscd thinking it is a lightweight caching resolver. But as it turns out it is useless. Time for fedora to bury it :) It isn't useless for me at work: It is the only thing that makes NIS lookups

Re: nscd and DNS cache

On 05/16/2012 04:27 PM, JD wrote: > I have used dnsmasq as well, and communicated with it's author > a couple of years ago. > But as I recall, it did not seem to help much, as I observed that > browsing to a website with just a couple of minutes lapse time, > FF showed on the status line it was lo

Re: nscd and DNS cache

On Tue, 15 May 2012 23:54:03 -0700 JD wrote: > I was using nscd thinking it is a lightweight caching resolver. But as > it turns out it is useless. > Time for fedora to bury it :) It isn't useless for me at work: It is the only thing that makes NIS lookups reliable. At some point in time, glibc a

Re: nscd and DNS cache

On 05/16/2012 03:18 AM, Daniel Bossert wrote: fedora skrev 16.05.12 10:33: ... or try dnsmasq suomi On 05/16/2012 08:54 AM, JD wrote: On Tue, May 15, 2012 at 9:20 PM, Ed Greshko wrote: On 05/16/2012 10:11 AM, JD wrote: I have nscd running. /etc/resolv.conf starts out with nameserver 127.0.0

Re: nscd and DNS cache

On 05/16/2012 01:29 AM, Ed Greshko wrote: On 05/16/2012 02:54 PM, JD wrote: I understand the libs are what make calls to the resolver. But even the resolver must look at /etc/resolv.conf. Well, you did say: "Am I to believe that the browser is NOT using /etc/resolv.conf" which to me reads tha

Re: nscd and DNS cache

fedora skrev 16.05.12 10:33: > ... or try dnsmasq > > suomi > > On 05/16/2012 08:54 AM, JD wrote: >> On Tue, May 15, 2012 at 9:20 PM, Ed Greshko >> wrote: >>> On 05/16/2012 10:11 AM, JD wrote: I have nscd running. /etc/resolv.conf starts out with nameserver 127.0.0.1 nameserver

Re: nscd and DNS cache

... or try dnsmasq suomi On 05/16/2012 08:54 AM, JD wrote: On Tue, May 15, 2012 at 9:20 PM, Ed Greshko wrote: On 05/16/2012 10:11 AM, JD wrote: I have nscd running. /etc/resolv.conf starts out with nameserver 127.0.0.1 nameserver 192.168.1.254 The 192.168.1.254 is the router, which has bee

Re: nscd and DNS cache

On 05/16/2012 01:29 AM, Ed Greshko wrote: On 05/16/2012 02:54 PM, JD wrote: I understand the libs are what make calls to the resolver. But even the resolver must look at /etc/resolv.conf. Well, you did say: "Am I to believe that the browser is NOT using /etc/resolv.conf" which to me reads tha

Re: nscd and DNS cache

On 05/16/2012 01:10 AM, Siddhesh Poyarekar wrote: On 16 May 2012 07:41, JD wrote: I have nscd running. /etc/resolv.conf starts out with nameserver 127.0.0.1 nameserver 192.168.1.254 The 192.168.1.254 is the router, which has been a fast and reliable resolver. So, to test nscd caching behavio

Re: nscd and DNS cache

On 05/16/2012 02:54 PM, JD wrote: > I understand the libs are what make calls to the resolver. But even > the resolver must look > at /etc/resolv.conf. Well, you did say: "Am I to believe that the browser is NOT using /etc/resolv.conf" which to me reads that you were thinking that somehow the

Re: nscd and DNS cache

On 16 May 2012 07:41, JD wrote: > I have nscd running. > /etc/resolv.conf starts out with > nameserver 127.0.0.1 > nameserver 192.168.1.254 > > > The 192.168.1.254 is the router, which has been a fast and reliable > resolver. > > So, to test nscd caching behavior, > I browse (using FF) over to any

Re: nscd and DNS cache

On Tue, May 15, 2012 at 9:20 PM, Ed Greshko wrote: > On 05/16/2012 10:11 AM, JD wrote: >> I have nscd running. >> /etc/resolv.conf starts out with >> nameserver 127.0.0.1 >> nameserver 192.168.1.254 >> >> >> The 192.168.1.254 is the router, which has been a fast and reliable resolver. >> >> So, to

Re: nscd and DNS cache

On 05/16/2012 10:11 AM, JD wrote: > I have nscd running. > /etc/resolv.conf starts out with > nameserver 127.0.0.1 > nameserver 192.168.1.254 > > > The 192.168.1.254 is the router, which has been a fast and reliable resolver. > > So, to test nscd caching behavior, > I browse (using FF) over to any

nscd and DNS cache

I have nscd running. /etc/resolv.conf starts out with nameserver 127.0.0.1 nameserver 192.168.1.254 The 192.168.1.254 is the router, which has been a fast and reliable resolver. So, to test nscd caching behavior, I browse (using FF) over to any website. After some time, the address is resolve