Yang Xiao wrote: <snip>
again, have you tried to use different DNS servers for queries and what is performance? where is the dig output from your current DNS server queries?
check for contrack use lsmod iptables -L -n will show you active iptables rule set
Yang
P.S can you send the /etc/nsswitch.conf and /etc/resolv.conf file?
Yang
/etc/nsswitch.conf and /etc/resolv.conf are attached.
Query times from the 4 servers in my resolv.conf, starting at the top:
;; Query time: 16 msec ;; SERVER: 68.48.0.6#53(ns02.rtchrd01.md.comcast.net) ;; WHEN: Thu Aug 5 19:32:25 2004 ;; MSG SIZE rcvd: 436
;; Query time: 25 msec ;; SERVER: 68.87.96.16#53(68.87.96.16) ;; WHEN: Thu Aug 5 19:34:26 2004 ;; MSG SIZE rcvd: 436
;; Query time: 18 msec ;; SERVER: 68.48.0.12#53(68.48.0.12) ;; WHEN: Thu Aug 5 19:34:56 2004 ;; MSG SIZE rcvd: 436
;; Query time: 25 msec ;; SERVER: 68.87.96.15#53(68.87.96.15) ;; WHEN: Thu Aug 5 19:35:09 2004 ;; MSG SIZE rcvd: 436
[bvitale@vandelay ~]$ /sbin/lsmod | grep conntrack [bvitale@vandelay ~]$
This makes sense, since I did not setup an iptables firewall.
Ben
In what way is DNS slow (how does it manifest itself)?
You can install ethereal/ethereal-gnome and capture the DNS lookup requests/responses. This should show you the exact time delay between the outgoing request and the response.
Are you running nscd? If so, try restarting it, or killing it - it can be a real PITA at times.
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw@xxxxxxxxxxxx
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555