BIND/named

[dgrant]

Does anyone know a lot about bind/named? I'm just using it to cache DNS queries to speed up DNS. I'm having a bit of trouble though. My ISP has two DNS servers, and I basically have those set up as forwarders in my /etc/bind/named.conf file. But when I run the named daemon and set /etc/resolv.conf to just search 127.0.0.1, I get a really slow initial query, using "dig". The queries after that are instant though. But the initial query is way slower than if I just had my ISP's DNS servers in /etc/resolv.conf. I'm not sure why that is? I'm not sure if I have the forwarders set up properly. Anyways, I'd like to get this fixed. Here's a summary:

Queries to my ISP's DNS servers: ~100ms

Now I turn on BIND using my ISP's DNS servers as forwarders:
First queries take ~1000-2000 ms
Repeat queries are ~1-4ms (very fast)

[dev-null-devil]

Did you use search 127.0.0.1 or nameserver 127.0.0.1?
_________________
All change, motion, and time is an illusion.
-- Plato, year 310

[dgrant]

I just used nameserver 127.0.0.1. No search entry in resolv.conf

BTW, some guy on IRC #gentoo just told me to check out djbdns. I'm looking into that now

[patan]

Do you have a "127.in-addr.arpa" zone?

[dgrant]

Yes I did have this.

But I just switched to djbdns. It was quite painless. And the caching seems to work nicely. Configuration was a bit non-standard, but not too complicated. Supposedly it is much better than BIND.

http://cr.yp.to/djbdns.html

[Phlaegel]

I just switched from bind to djbdns as well... it's got a weird setup, but once you see how it works, it's so simple it makes you wonder why you ever looked at bind. I'm using dnscache to do external lookups, along with ldapdns running on an alias for some private name resolution behind the firewall... works great.

[gramafonov]

Is it true you can use a MySQL database to store djbdns zones info? Has anyone tried this storage method?
_________________
Best regards,
Max

[chroweb]

I really hate to bump this thread, but I've searched around all over these forums and google.

I know that BIND is a beast and there are many alternatives, but I'd like to know if anyone has a solution to the forwarders issue. I have the same as the original poster, it takes about 2 seconds to resolve any DNS names through bind that it's not serving itself.

A little info.

I have 3 networks, the internet and two private networks, one for my servers and one for my workstations. The network isn't all that big, about 8 computers, but I'd like to see this setup work.

I have BIND configured to serve out servers.myplace and workstations.myplace DNS entries as well as their reverse. This works great. If I try to resolve an offsite address, google for instance, it takes 2 seconds+ to get the DNS. After that, the OS (Windows XP or whatever) will cache the request. That's great, but the 2 second lag is very anoying... so much that I've had DHCPD not even serve my BIND server as a option. I'd rather live without local DNS then get the lag.

Any suggestions?

[UberLord]

[nobspangle]

what happens when you do an nslookup from an XP machine?

[chroweb]

[nobspangle]

that's pretty weird, can you post your ntp.conf (just the main bit, don't need the zones) also, have you tried without the forwarders?

[ARC2300]

When I set up my DNS/BIND, I used it to directly look up via the root servers.

I found forwarding and bouncing off someone else's server a pain.
_________________
It's fun to take a trip
Put acid in your veins

[matt@yyc]

I have Bind 9 set up as a caching nameserver, and it sounds as if Bind is trying to forward your request to the root DNS servers. From my location, I found that the root servers were much slower than my ISPs.

I have the line forward only; in my options block of named.conf before the line that contains my ISPs name-servers, and it works well.

edit: oops, someone beat me to the root issue.

Matt

[chroweb]

[nobspangle]

[chroweb]

named.conf first sections (options, logging and hint zone):

[nobspangle]

what happens if you remove the forward only line?

[chroweb]

Nope, same issue.

Could the speed of the machine have something to do with it?