Gabriel Tabares wrote:
> On 23/08/2010 13:28, Joseph L. Casale wrote:
>
>>> Both files are the default ones from CentOS:
>>>
>>>
>> So what do the host names look like that the application
>> attempts to resolve, fully qualified or not? What does your
>> cli based query look like?
>>
>>
>>
>
> My resolv.conf is:
>
> search mydomain.com
> nameserver 10.3.2.2
>
> The hostname of the machines is set to a FQDN server.mydomain.com.
>
> The time it takes for the queries does not change whether we use the
> FQDN or just the hostname.
>
> See below for an example (I stopped the mail server so the connection
> was refused).
>
> #time telnet md-mail02.mydomain.com 25
> (long wait)
> Trying 10.2.9.2...
> telnet: connect to address 10.2.9.2: Connection refused
> telnet: Unable to connect to remote host: Connection refused
>
> real 0m20.005s
> user 0m0.000s
> sys 0m0.005s
>
> #time telnet md-mail02 25
> (long wait)
> Trying 10.2.9.2...
> telnet: connect to address 10.2.9.2: Connection refused
> telnet: Unable to connect to remote host: Connection refused
>
> real 0m10.004s
> user 0m0.001s
> sys 0m0.002s
>
> #time telnet 10.2.9.2 25
> (no wait)
> Trying 10.2.9.2...
> telnet: connect to address 10.2.9.2: Connection refused
> telnet: Unable to connect to remote host: Connection refused
>
> real 0m0.005s
> user 0m0.001s
> sys 0m0.002s
>
> Nslookup responds immediately:
>
> #time nslookup my-mail02.mydomain.com
> Server: 10.2.2.254
> Address: 10.2.2.254#53
>
> Non-authoritative answer:
> Name: my-mail02.mydomain.com
> Address: 10.2.9.2
>
>
> real 0m0.006s
> # Eclipse ISP
> nameserver 212.104.130.9
> nameserver 212.104.130.65
>
> # OpenDNS
> nameserver 208.67.222.222
> nameserver 208.67.220.220user 0m0.003s
> sys 0m0.003s
>
> #time nslookup my-mail02
> Server: 10.2.2.254
> Address: 10.2.2.254#53
>
> Non-authoritative answer:
> Name: my-mail02.mydomain.com
> Address: 10.2.9.2
>
>
> real 0m0.005s
> user 0m0.001s
> sys 0m0.004s
>
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
If your resolv.conf has:
nameserver 10.3.2.2
Why does nslookup say that it is querying server 10.2.2.254? Is your
system multi-homed? Try changing resolv.conf to use 127.0.0.1, If your
using bind, and you specifiy 127.0.0.1 I believe it will use local
sockets instead of the IP stack for the query.
I would try dig (from the bind-utils package) You want to make sure that
either your local server is authoritative for mydomain.com and for the
reverse domain. This is confirmed by the 'aa' flag from dig (not sure
of nslookup can do this). If it is not authoritative, then it must
delegate to another nameserver that is. You should also get back a
proper SOA record for both. Lack of proper authoritative SOA records
for both your forward (mydomain.com) and reverse domains will cause the
server to try to go out to the Internet for further resolution. If
there is no internet access, this will hang. Even if you don't populate
the reverse domain with records, it must still be authoritative.
Minimally, I suggest a simple script to generate reverse entries for all
of the ip addresses in your address space.
dig mydomain.com soa @127.0.0.1
dig 2.2.10.in-addr.arpa. soa @127.0.0.1
penguin> dig 2.2.10.in-addr.arpa. soa
; <<>> DiG 9.5.2-RedHat-9.5.2-1.fc10 <<>> 2.2.10.in-addr.arpa. soa
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21666
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.2.10.in-addr.arpa. IN SOA
;; AUTHORITY SECTION:
2.2.10.in-addr.arpa. 14400 IN SOA ns1.mydomain.com.
me.mydomain.com. 2010082600 3600 600 15552000 14400
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Aug 28 13:09:51 2010
;; MSG SIZE rcvd: 91
Nataraj
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
