[opensuse] nscd is pestering DNS server every 15 sec.
openSUSE 11.1 Using Wireshark to see the bug in Knode I noticed that nscd is asking DNS server for couple of addresses every 15 sec. That added with AAAA (IPv6) queries makes DNS server quite busy. There must be the way to set longer interval and quit IPv6 that my DNS server have no clue about. -- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Rajko M. wrote:
openSUSE 11.1
Using Wireshark to see the bug in Knode I noticed that nscd is asking DNS server for couple of addresses every 15 sec.
That added with AAAA (IPv6) queries makes DNS server quite busy.
"quite busy" for a few queries every 15sec? Your DNS server would have to be running on a 386sx25 for that to make it even remotely busy :-)
There must be the way to set longer interval and quit IPv6 that my DNS server have no clue about.
Find out what it is - AFAIK, nscd is only caching, it doesn't have a life of its own. /Per -- Per Jessen, Zürich (19.2°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 20 May 2009 04:13:18 am Per Jessen wrote:
Rajko M. wrote:
openSUSE 11.1
Using Wireshark to see the bug in Knode I noticed that nscd is asking DNS server for couple of addresses every 15 sec.
That added with AAAA (IPv6) queries makes DNS server quite busy.
"quite busy" for a few queries every 15sec? Your DNS server would have to be running on a 386sx25 for that to make it even remotely busy :-)
I missed to mention that prospect of having thousands of boxes that are asking for past DNS queries every 15 seconds in IPv6 and 4 adds load to my provider's DNS server.
There must be the way to set longer interval and quit IPv6 that my DNS server have no clue about.
Find out what it is - AFAIK, nscd is only caching, it doesn't have a life of its own.
I guess it is checking validity of cached data. Stopping it stops spurious queries. The problem is that I don't see anything in /etc/nscd.conf that resembles to 15 sec.
/Per
-- Per Jessen, Zürich (19.2°C)
-- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Rajko M. wrote:
On Wednesday 20 May 2009 04:13:18 am Per Jessen wrote:
Rajko M. wrote:
openSUSE 11.1
Using Wireshark to see the bug in Knode I noticed that nscd is asking DNS server for couple of addresses every 15 sec.
That added with AAAA (IPv6) queries makes DNS server quite busy.
"quite busy" for a few queries every 15sec? Your DNS server would have to be running on a 386sx25 for that to make it even remotely busy :-)
I missed to mention that prospect of having thousands of boxes that are asking for past DNS queries every 15 seconds in IPv6 and 4 adds load to my provider's DNS server.
No doubt, but that is what providers do.
There must be the way to set longer interval and quit IPv6 that my DNS server have no clue about.
Find out what it is - AFAIK, nscd is only caching, it doesn't have a life of its own.
I guess it is checking validity of cached data.
Nope, I'm quite certain that is done by a TTL. nscd is a pretty simple daemon - if it doesn't have a fresh response to a query, it'll just say no and glibc will continue with the next option.
Stopping it stops spurious queries.
Ah. I've just had a tcpdump running for 2 minutes and didn't see a single DNS query. Can't reproduce. If you run a tcpdump, it'll tell you what is being queried - maybe that'll give us a clue. /Per -- Per Jessen, Zürich (29.3°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 20 May 2009 11:36:44 am Per Jessen wrote: ...
I missed to mention that prospect of having thousands of boxes that are asking for past DNS queries every 15 seconds in IPv6 and 4 adds load to my provider's DNS server.
No doubt, but that is what providers do.
That is how I can see slow resolution.
There must be the way to set longer interval and quit IPv6 that my DNS server have no clue about.
Find out what it is - AFAIK, nscd is only caching, it doesn't have a life of its own.
I guess it is checking validity of cached data.
Nope, I'm quite certain that is done by a TTL. nscd is a pretty simple daemon - if it doesn't have a fresh response to a query, it'll just say no and glibc will continue with the next option.
So, in other words something else was running DNS queries. Problem is that 'netstat -tupnc' can't catch anything.
Stopping it stops spurious queries.
Ah. I've just had a tcpdump running for 2 minutes and didn't see a single DNS query. Can't reproduce. If you run a tcpdump, it'll tell you what is being queried - maybe that'll give us a clue.
As mentioned past queries that I can recognize and some that were probably embedded in web pages, like google-analytics. So, without visit to few pages, ie. some activity there will be nothing. I guess it was Konqueror4 that opened pages. I checked with 'ps -elf' what is running and can have any need for those web pages, like kio_http, but there was none. Before I stopped nscd, I removed nepomuk and beagle, Konversation, KMail, online updater, that is all could recognize as possible online active, but DNS didn't stop. Finally when nscd was out of commission queries quited. -- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Rajko M. wrote:
Stopping [nscd] stops spurious queries.
Ah. I've just had a tcpdump running for 2 minutes and didn't see a single DNS query. Can't reproduce. If you run a tcpdump, it'll tell you what is being queried - maybe that'll give us a clue.
As mentioned past queries that I can recognize and some that were probably embedded in web pages, like google-analytics. So, without visit to few pages, ie. some activity there will be nothing.
The odd thing is perhaps - nscd should be good for local caching in just such a situation (where something continually polls, e.g. in javascript). When nscd is always passing the query upstream, it sounds like whatever is being looked up isn't being found (default nscd TTL for negative replies is 0). /Per -- Per Jessen, Zürich (20.5°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2009-05-21 at 10:08 +0200, Per Jessen wrote:
As mentioned past queries that I can recognize and some that were probably embedded in web pages, like google-analytics. So, without visit to few pages, ie. some activity there will be nothing.
The odd thing is perhaps - nscd should be good for local caching in just such a situation (where something continually polls, e.g. in javascript). When nscd is always passing the query upstream, it sounds like whatever is being looked up isn't being found (default nscd TTL for negative replies is 0).
The thing is, nscd should not cache domain name queries. I understand it queries the " passwd(5), group(5), and hosts(5) databases", according to the man page. I thought that excluded DNS - unless "hosts" does not mean the /etc/hosts file, but any host query. What I usually do is having a local DNS server doing cache service for the ISP or root servers. It makes some sense even if you have a lone machine, but with a bunch of them, it makes a lot of sense. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkoVTdcACgkQtTMYHG2NR9Wq2QCfRQtP7ei8q9dXF0n4KP+ZRb9k ChcAnifpioaRWMiYdowOnnVRepspgK3n =XLjZ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The thing is, nscd should not cache domain name queries.
It does on my systems and I'm pretty certain it is intended to do so too. Ulrich Drepper wrote a bit about it here: http://udrepper.livejournal.com/16362.html /Per -- Per Jessen, Zürich (27.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 21 May 2009 03:08:11 am Per Jessen wrote:
As mentioned past queries that I can recognize and some that were probably embedded in web pages, like google-analytics. So, without visit to few pages, ie. some activity there will be nothing.
The odd thing is perhaps - nscd should be good for local caching in just such a situation (where something continually polls, e.g. in javascript). When nscd is always passing the query upstream, it sounds like whatever is being looked up isn't being found (default nscd TTL for negative replies is 0).
Yesterday I grepped 'ps x' output for any 'kio_' and I found Konqueror using kio_file, instead of kio_http, and DNS queries were back, so finally it is not nscd as a source. I just disabled IPv6, and I'll reboot after this message. It could be the IPv6 DNS query that returns nothing, as my router just has not clue what to do with it, that gives trouble to nscd. I'll see when I'm back. -- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Carlos E. R.
-
Per Jessen
-
Rajko M.