Subject: None
To: None <>
From: Steven M. Bellovin <>
List: current-users
Date: 07/16/2002 21:36:31
In message <>, writes:
>Today we switced our main box from linux to NetBSD 1.6BETA4 and i have some
>trouble with name resolving.first off,i dont know is this right place to bitch
>because there is chance that this is related with (bind,ipf).i really like
>behaviour of samba server wich is quite fast even copyng large files!ok 
>the problem is that name resolving with bind takes about 5/sec even if i flush
>all the rules in ipfilter the problem is still there!Almost with same
>configuration 1.5.x work delays!Box is using 3Com cards with ex
>driver.( bind is configured to forward all queris to external nameserver ) and
>no one rule is blocking the querys!its really strange..that is working with sa
>configuration on 1.5.3 box:)if i set client to use external cache the problem 
>solved,but sometimes cache is down..and then there is no traffic at all:)

A 5-second resolution time sounds like it's first trying to query a 
dead server.  Check your configuration, and perhaps use tcpdump to see 
where the packets are really going.

		--Steve Bellovin, (me) ("Firewalls" book)