On Thu, 9 Dec 2004, Amadeus Stevenson wrote:

> Hello,
> 
> I recently set up a simple ipnat/ipf firewall on a lan with a local
> caching DNS server, bind9 from pkg_add.
> 
> It takes about a second or two to resolve external addresses, which is
> slowing things down a lot. Once cached it is much faster. Do you have
> any ideas what I am doing wrong? This happens from the gateway itself
> as well as from every natted box. I never used to have this problem
> before:
> 
> # time nslookup www.whales.org
> Server:  localhost
> Address:  127.0.0.1
> 
> Non-authoritative answer:
> Name:    whales.org
> Address:  216.74.96.157
> Aliases:  www.whales.org
> 
>     2.62s real     0.00s user     0.00s system

Hmm, two seconds or maybe three in order to resolve a host or domain name 
isn't much imho. Sometimes it takes even longer, depending on the domain 
you wish to resolve. Try for example www.wz.zj.cn :-)
Btw, why don't you use dig instead of nslookup.
Bye,

Mipam.