Re: still seeing some delays in lookups

From: Men & Mice Support
Date: Monday, November 15, 2004
Time: 3:06:39 pm

Sorry, I made a mistake. After conferring with our developers, it has
been made clear to me that the only way to disable EDNS is to use a
configuration option that is not fully compatible with QuickDNS.

Edit the file /var/named/conf/options. Add this option into the options block:

edns-udp-size 512;

Save the file and tell named to reconfig:

rndc -k /var/named/conf/user_before reconfig

However, if you later change any server options (in the server's
Options window), QuickDNS Remote (not recognizing this option) will
remove it again.

Chris Buxton
Men & Mice - Making DNS Easy
Customer Service and Sales Engineer

At 3:02 PM -0800 11/12/04, Patrick Windmiller wrote:
>I'd like the instructions for compiling it myself, with that option
>disabled.
>
>
>On 11/12/04 2:54 PM, "Men & Mice Support" <cbuxton@menandmice.com> wrote:
>
>> It's possible that the EDNS (extended DNS) packet size is an issue.
>> Unfortunately, the edns-udp-size option is not yet compatible with
>> QuickDNS, because QuickDNS Remote won't recognize it and will have a
>> problem.
>>
>> BIND 9.3.0 can be compiled without this feature. We can create a
>> compiled version like that for anyone who'd like to try it and report
>> back whether it helps.
>>
>> The issue here is that, before EDNS, UDP packets in DNS use were
>> limited to 512 bytes. This is because, historically, the UDP
>> transport layer was limited to 512 bytes per packet. EDNS allows a
>> sort of negotiation between two DNS servers to determine optimal
>> packet size (i.e. the largest size of packet that will arrive intact
>> at the other end). These limits are now being expanded.
>>
>> With EDNS, the servers at either end can negotiate a larger maximum
>> packet size. Unfortunately, this takes a little time. Fortunately,
>> the information can be cached.
>>
>> Chris Buxton
>> Men & Mice - Making DNS Easy
>> Customer Service and Sales Engineer
>>
>> At 2:37 PM -0800 11/12/04, Jody McAlister wrote:
>>> The mac os x server list had a "fix" which goes one step beyond the
>>> fix that was given here. I still see a lookup issue, less than
>>> before (but I am using Firefox and Safari which everybody seems to
>>> say have that problem currently), but the lookups still seem a
>>> little slower than what I'm used to as well.
>>>
>>> Here is an email I pasted in about making an adjustment to the udp
>>> packet that they claim solved their problem. Does this seem like a
>>> solution or just an unnecessary extra step? I don't see that he
>>> tried with BIND 9.3.0 before changing the packet size.
>>>
>>> ******************************************************************
>>> Hello everyone,
>>>
>>> Thanks for the replies from all. It does seem the DNS timeout issue I
>>> mentioned this morning isn't OS X Server related. In fact, it seems to be
>>> some type of bug involving BSD, IPv6 and Bind 9.2.x... Apparently some of
>>> the root servers started issuing IPv6 replies in the past few weeks
>>> causing the issue to crop up. There is a good discussion in this thread
>>> here:
>>> http://discussions.info.apple.com/webx?14@123.Votva3t2BDi.0@.689de754/0
>>>
>>> While not a "proper" solution, my solution to this problem was to compile
>>> Bind 9.3.0 on our XServe. I renamed the old named binary and put the new
>>> one in its place. Also, I edited the system startup script so it launches
>>> bind -4 (IPv4 support ONLY) instead of just bind. Lastly, I changed the
>>> edns-udp-size to limit the packet size to 512 bytes. All of these
>>> together have solved this issue, at least in our environment.
>>>
>>> I encourage anyone experiencing the original symptoms to check out the
>>> discussion linked above and try out the fix I did.
>>>
>>> Thanks everyone
>>> Mike
>>
>>
