
Re: Tru64 DNS client retrans and retry

 
jim_325
Occasional Advisor

Tru64 DNS client retrans and retry

Hi everyone,

Does anyone know how to set the DNS client retrans and retry to limit reverse lookup failures on Tru64 5.1B? I tried adding retrans:1 retry:1 in /etc/resolv.conf but it didn't work. Thanks
Ivan Ferreira
Honored Contributor

Re: Tru64 DNS client retrans and retry

From the man pages of resolv.conf and svc.conf, I see that there are no more options to configure besides ndots and allow_special. So, probably what you want to do is not possible.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Al Licause
Trusted Contributor

Re: Tru64 DNS client retrans and retry

What you're looking for is documented in the O'Reilly DNS and Bind book, Edition 4 pages 111 and 112.

The options are timeout:x and attempts:x

You can place them in the /etc/resolv.conf file as follows:

options timeout:1, attempts:2

Note that this only works on V8.2 and later of bind.
jim_325
Occasional Advisor

Re: Tru64 DNS client retrans and retry

Hi Al,

Thanks for the help. I tried this as well, and it still didn't work; the bind release is 8.2.2 with 5.1B. Has anyone tried this before and had it work? Thanks.
Al Licause
Trusted Contributor

Re: Tru64 DNS client retrans and retry

Jim,

What isn't working? I have done this with both v8.2.2 and V9 of bind and found it to reduce the timeout from the default of about 75 seconds to as low as about 10 seconds in both versions.

Al
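
Added example (not part of the thread and not HP's or ISC's code): a Python function that parses resolv.conf text and estimates how long one unanswered query can stall a caller, which is where a figure like the "about 75 seconds" above comes from. It assumes the classic BIND 8 resolver schedule (the wait doubles each round and is divided by the server count after the first round) and its defaults of 5 seconds and 4 attempts; whether the Tru64 5.1B resolver follows this schedule is an assumption, and the sample files and the address 192.0.2.53 are constructed.

```python
# Added example: how long can one unanswered DNS query stall a caller?
# ASSUMPTION: classic BIND 8 res_send() schedule and defaults (5 s, 4 attempts);
# not verified against the Tru64 5.1B resolver.
DEFAULT_TIMEOUT = 5
DEFAULT_ATTEMPTS = 4
MAXNS = 3  # the classic resolver honours at most three nameserver lines


def parse_resolv_conf(text):
    """Return (nameservers, timeout, attempts) parsed from resolv.conf text."""
    servers, timeout, attempts = [], DEFAULT_TIMEOUT, DEFAULT_ATTEMPTS
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] == "nameserver" and len(fields) > 1 and len(servers) < MAXNS:
            servers.append(fields[1])
        elif fields[0] == "options":
            for opt in fields[1:]:
                name, _, value = opt.rstrip(",").partition(":")
                if name == "timeout" and value.isdigit():
                    timeout = int(value)
                elif name == "attempts" and value.isdigit():
                    attempts = int(value)
        # any other keyword (for example a bare "retrans:1 retry:1") is ignored
    return servers, timeout, attempts


def worst_case_seconds(text):
    """Total seconds spent if no configured server ever answers one query."""
    servers, timeout, attempts = parse_resolv_conf(text)
    ns = max(len(servers), 1)  # no nameserver line: the local host is queried
    total = 0
    for attempt in range(attempts):
        wait = timeout << attempt  # wait doubles on every round
        if attempt > 0:
            wait //= ns            # later rounds share the wait across servers
        total += max(wait, 1) * ns
    return total


# Constructed sample files (192.0.2.53 is a documentation address).
DEFAULTS = "nameserver 192.0.2.53\n"
TUNED = "nameserver 192.0.2.53\noptions timeout:1, attempts:2\n"
IGNORED = "nameserver 192.0.2.53\nretrans:1 retry:1\n"

if __name__ == "__main__":
    for name, conf in (("defaults", DEFAULTS), ("tuned", TUNED), ("ignored", IGNORED)):
        print(name, worst_case_seconds(conf), "seconds")
```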
jim_325
Occasional Advisor

Re: Tru64 DNS client retrans and retry

Al,

We are having an issue with reverse lookups taking time for IP addresses that are not in the DNS. There are many, and we couldn't just add them at this point. This affects the starting time of certain applications that create sockets with other hosts. I used retrans=50 and retry=1 on my HP-UX servers and that took care of the issue; Solaris is looking OK as well, however Tru64 is not. The way I test this is simply by doing arp -a or netstat -a, and I can see the output pause a few times trying to do reverse lookups on unknown hosts, and then after the default timeout they proceed. So I added options attempts:1 timeout:1 in the resolv.conf and tried arp -a, and the pauses and the default timeout seem to be the same.
Ralf Puchner
Honored Contributor

Re: Tru64 DNS client retrans and retry

The resolv.conf will control which "resolver" will be used. If DNS is specified first, it will be used. Due to the DNS concept, a request needs some time or will be forwarded to other DNS servers.

So a suitable workaround is to use hosts=local,bind and to specify the hosts within /etc/hosts.

Another approach is to lower the timeout values. See manpage resolver or do a google on RES_OPTIONS
Help() { FirstReadManual(urgently); Go_to_it;; }
Al Licause
Trusted Contributor

Re: Tru64 DNS client retrans and retry

Ralf....don't you mean svc.conf or nsswitch.conf to determine which resource to use for resolution?

RE: can't resolve IP addresses to hostnames: if these are within a domain over which you have control, why not simply create an empty zone file for now? This will allow the server(s) to find the correct server that owns that zone quickly and will either find the entry it seeks or time out with no entry found. In either case it should shorten the waiting period.

As to the timeout periods, if you can show cases in which other Unix platforms can be configured to time out much quicker and you have a support contract with HP, you might want to contact your support center and have them open a case with engineering to investigate this.

jim_325
Occasional Advisor

Re: Tru64 DNS client retrans and retry

I like the suggestion of creating an empty zone. I am not a DNS expert: can I create an empty zone even if there are defined entries with IP addresses from within this zone? In other words, if I have a router with an IP 11.1.1.1/255.255.255.0 that has no entry in the DNS, however there are hosts from within the same subnet ("11.1.1.2,..") defined in DNS, would the DNS still be able to resolve those defined hosts and time out for the rest? Thanks
Al Licause
Trusted Contributor

Re: Tru64 DNS client retrans and retry

If your dns server is already able to resolve addresses in that subnet, then a reverse zone already exists and should allow a quick timeout if a request is made to that zone for which no record exists.

When the request is received for that zone, but no record is found, the request should not be passed on to any other server and the search should stop.
jim_325
Occasional Advisor

Re: Tru64 DNS client retrans and retry

Al
Yes, reverse lookup is configured and can return valid PTR for added hosts, however when we hit an entry that doesn't exist it waits for about 20 sec. before it times out, and again by adding retrans and retry options in /etc/resolv.conf for hp-ux we were able to limit this timeout wait. Is it possible for the DNS server to be configured to return PTR for existing names without creating a reverse lookup zone? and if we create an empty zone for a certain subnet, what would happen to the valid existing entries from the same subnet range, will it still return a valid name?
Thanks for the help.
Al Licause
Trusted Contributor

Re: Tru64 DNS client retrans and retry

I am not aware of any way to host PTR records other than to put them in a reverse zone.
You might want to check with the dns admin or if that's you, look at the existing zones and see what's in them.

You might also try this:
# nslookup
> ls -t PTR {c.b.a.in-addr.arpa.}

You would substitute your own network address or the address of that reverse zone for the c.b.a strings.....

If the dns server hasn't protected itself from such queries, you should see all of the existing records for that zone.

If you have conflicting zones, the server may refuse to serve either.....

jim_325
Occasional Advisor

Re: Tru64 DNS client retrans and retry

Thank you Al and all for the good suggestions, problem is solved by creating classless reverse look-up zones.