DNS reliability issues on Tumbleweed
Hello! Does anyone else have issues with the reliability of DNS lookups on Tumbleweed? I'm regularly running into the issue that DNS lookups fail on the first attempt while they succeed on the second or third attempt. Multiple Debian machines on the same network don't have any DNS problems and lookups always succeed on the first attempt. I vaguely remember that there was a discussion regarding a long-standing DNS issue on openSUSE but I cannot find this thread anymore. Does anyone happen to remember the discussion? I considering to switch my machine to a different DNS resolver if the issue persists because it makes working with OBS very annoying as I'm often seeing this message when working on mass package updates: Failed to reach a server: [Errno -2] Name or service not known Any suggestion for a quick fix or workaround would be appreciated. Thanks, Adrian
On 4/16/21 10:49 AM, John Paul Adrian Glaubitz wrote:
I'm regularly running into the issue that DNS lookups fail on the first attempt while they succeed on the second or third attempt. Multiple Debian machines on the same network don't have any DNS problems and lookups always succeed on the first attempt.
Another instance of that issue: glaubitz@suse-laptop:~> ssh pettersson.debian.org ssh: Could not resolve hostname pettersson.debian.org: Name or service not known glaubitz@suse-laptop:~> ssh pettersson.debian.org Linux pettersson 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64 (...) DNS lookup for SSH fails for the first login attempt, succeeds on the second attempt. Adrian
Le Fri, 16 Apr 2021 11:09:02 +0200, John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> a écrit :
Another instance of that issue:
glaubitz@suse-laptop:~> ssh pettersson.debian.org ssh: Could not resolve hostname pettersson.debian.org: Name or service not known glaubitz@suse-laptop:~> ssh pettersson.debian.org Linux pettersson 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
(...)
DNS lookup for SSH fails for the first login attempt, succeeds on the second attempt.
I got too same issues from time to time but only on https websites only. Other machines running on different systems (*BSD, Leap, macOS) haven't such problems (a Leap 15.2 isn't affected by those issues either) and this happens whatever DNS server used running latest bind/unbound or ISP upstream's DNS servers. I haven't yet tracked down what could be the culprit but will report findings on that thread once I got time to settle this. -- matt [at] lv223.org GPG key ID: 7D91A8CA
On Fri, Apr 16, 2021 at 12:09 PM John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> wrote:
glaubitz@suse-laptop:~> ssh pettersson.debian.org ssh: Could not resolve hostname pettersson.debian.org: Name or service not known glaubitz@suse-laptop:~> ssh pettersson.debian.org Linux pettersson 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
(...)
DNS lookup for SSH fails for the first login attempt, succeeds on the second attempt.
Adrian
Can you run the ssh command with "-vv" at the end so we can see some more logs? I suspect IPV6 resolution fails (it has happened to me aslo).
I reported a similar error some time ago: https://bugzilla.opensuse.org/show_bug.cgi?id=1156112 On piatok 16. apríla 2021 11:35:21 CEST Stratos Zolotas wrote:
On Fri, Apr 16, 2021 at 12:09 PM John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> wrote:
glaubitz@suse-laptop:~> ssh pettersson.debian.org ssh: Could not resolve hostname pettersson.debian.org: Name or service not known glaubitz@suse-laptop:~> ssh pettersson.debian.org Linux pettersson 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
(...)
DNS lookup for SSH fails for the first login attempt, succeeds on the second attempt.
Adrian
Can you run the ssh command with "-vv" at the end so we can see some more logs? I suspect IPV6 resolution fails (it has happened to me aslo).
-- [ michal hlavac ] [ miso@hlavki.eu ] [ tel: +420 773 205 794 ]
On Fri, Apr 16, 2021 at 5:09 AM John Paul Adrian Glaubitz < adrian.glaubitz@suse.com> wrote:
On 4/16/21 10:49 AM, John Paul Adrian Glaubitz wrote:
I'm regularly running into the issue that DNS lookups fail on the first attempt while they succeed on the second or third attempt. Multiple Debian machines on the same network don't have any DNS problems and lookups always succeed on the first attempt.
Another instance of that issue:
glaubitz@suse-laptop:~> ssh pettersson.debian.org ssh: Could not resolve hostname pettersson.debian.org: Name or service not known glaubitz@suse-laptop:~> ssh pettersson.debian.org Linux pettersson 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
(...)
DNS lookup for SSH fails for the first login attempt, succeeds on the second attempt.
Adrian
Are you sure your DNS servers have reliable behaviour ? that all accept TCP and UDP DNS queries.. what are you seeing might be the case of unreliability being shown immediately rather than hang around and timeout, is IPv6 enabled or disabled?
On Fri, Apr 16, 2021 at 7:04 AM Cristian Rodríguez <crrodriguez@opensuse.org> wrote:
Are you sure your DNS servers have reliable behaviour ? that all accept TCP and UDP DNS queries.. what are you seeing might be the case of unreliability being shown immediately rather than hang around and timeout, is IPv6 enabled or disabled?
Also, does it keep happening if you use known well behaving servers like 1.1.1.1 or 8.8.8.8 ?
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else. On 4/16/21 10:49 AM, John Paul Adrian Glaubitz wrote:
Hello!
Does anyone else have issues with the reliability of DNS lookups on Tumbleweed?
I'm regularly running into the issue that DNS lookups fail on the first attempt while they succeed on the second or third attempt. Multiple Debian machines on the same network don't have any DNS problems and lookups always succeed on the first attempt.
I vaguely remember that there was a discussion regarding a long-standing DNS issue on openSUSE but I cannot find this thread anymore. Does anyone happen to remember the discussion?
I considering to switch my machine to a different DNS resolver if the issue persists because it makes working with OBS very annoying as I'm often seeing this message when working on mass package updates:
Failed to reach a server: [Errno -2] Name or service not known
Any suggestion for a quick fix or workaround would be appreciated.
Thanks, Adrian
Hello I have seen this issue on multiple linux distro's. i had problems with dns on opensuse and fedora. i have make my dns static and it was the fix for me. On windows i have no dns issues Met Vriendelijke Groeten, Wesley Landaal ________________________________ Van: Michael Pujos <pujos.michael@gmail.com> Verzonden: vrijdag 16 april 2021 11:58 Aan: factory@lists.opensuse.org <factory@lists.opensuse.org> Onderwerp: Re: DNS reliability issues on Tumbleweed I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else. On 4/16/21 10:49 AM, John Paul Adrian Glaubitz wrote:
Hello!
Does anyone else have issues with the reliability of DNS lookups on Tumbleweed?
I'm regularly running into the issue that DNS lookups fail on the first attempt while they succeed on the second or third attempt. Multiple Debian machines on the same network don't have any DNS problems and lookups always succeed on the first attempt.
I vaguely remember that there was a discussion regarding a long-standing DNS issue on openSUSE but I cannot find this thread anymore. Does anyone happen to remember the discussion?
I considering to switch my machine to a different DNS resolver if the issue persists because it makes working with OBS very annoying as I'm often seeing this message when working on mass package updates:
Failed to reach a server: [Errno -2] Name or service not known
Any suggestion for a quick fix or workaround would be appreciated.
Thanks, Adrian
On 16/04/2021 11.58, Michael Pujos wrote:
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else.
I have seen firefox fail on sites that work with system ping. Firefox uses its own resolver, not the system configured one, and in some (reproducible) circumstances it fails. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
Am 16.04.21 um 12:27 schrieb Carlos E. R.:
On 16/04/2021 11.58, Michael Pujos wrote:
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else.
I have seen firefox fail on sites that work with system ping. Firefox uses its own resolver, not the system configured one, and in some (reproducible) circumstances it fails.
I also notice more DNS issues currently with TW compared to 15.2 before. I thought so far it might be my setup which is a bit special: - system resolver -> PDNS recursor local -> pihole (local network) -> ISP resolver but now reading this thread I'm not sure sure it (completely) is. In any case about the Firefox comment: This is not totally the case. Firefox still should use the system resolver by default. It has additional local caching though. Firefox can be configured to use DoH bypassing _everything_ but for openSUSE builds this is disabled by default. Typically in my case it's exactly like in the top post. A direct follow up DNS request succeeds typically. Just with Firefox that is not the case because a failed request is cached for a minute. Wolfgang
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2021-04-16 at 12:40 +0200, Wolfgang Rosenauer wrote:
Am 16.04.21 um 12:27 schrieb Carlos E. R.:
On 16/04/2021 11.58, Michael Pujos wrote:
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else.
I have seen firefox fail on sites that work with system ping. Firefox uses its own resolver, not the system configured one, and in some (reproducible) circumstances it fails.
...
In any case about the Firefox comment: This is not totally the case. Firefox still should use the system resolver by default. It has additional local caching though. Firefox can be configured to use DoH bypassing _everything_ but for openSUSE builds this is disabled by default.
I have noticed the issue both in openSUSE (Leap) and Android, while Chrome doesn't have it. I haven't tested for the cache possibility, by restarting FF.
Typically in my case it's exactly like in the top post. A direct follow up DNS request succeeds typically. Just with Firefox that is not the case because a failed request is cached for a minute.
No, my problem stays for half an hour at least (maybe days?) I'll describe it. I use a dynamic DNS server to reach my own machine from outside. Occasionally, my IP changes (I can force it); the internet DNS server is updated, but Firefox reaches my old IP, which at that point belongs to another Telefónica client. Chrome reaches the correct client, as does ssh. I solved it by doing: preferences, search "DNS", Network Settings Configure how Firefox connects to the internet. Settings… Click settings, change to "Use system proxy setting" I don't have a proxy, but google gave this procedure to solve the issue. I don't know a method to make FF display the IP address for a name. - -- Cheers, Carlos E. R. (from openSUSE 15.2 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCYHlvBhwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVYpwAnjF+5qPjj99oeBvgYa26 CjTtADS9AJ993dTzTAGzHp1oCHYC/C8xHZJY6A== =AD2W -----END PGP SIGNATURE-----
Le Fri, 16 Apr 2021 13:03:34 +0200 (CEST), "Carlos E. R." <robin.listas@telefonica.net> a écrit :
I solved it by doing: preferences, search "DNS",
Network Settings Configure how Firefox connects to the internet. Settings…
Click settings, change to "Use system proxy setting"
I don't have a proxy, but google gave this procedure to solve the issue.
Ah thanks! FF 87.0 here and I was using the "Use system proxy setting" but switching to "Auto detect proxy parameters for that network" does the trick. Cheers -- matt [at] lv223.org GPG key ID: 7D91A8CA
On 16. 04. 21, 12:27, Carlos E. R. wrote:
On 16/04/2021 11.58, Michael Pujos wrote:
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else.
I have seen firefox fail on sites that work with system ping. Firefox uses its own resolver, not the system configured one, and in some (reproducible) circumstances it fails.
Does uninstalling nscd fix this? -- js suse labs
On 19/04/2021 07.00, Jiri Slaby wrote:
On 16. 04. 21, 12:27, Carlos E. R. wrote:
On 16/04/2021 11.58, Michael Pujos wrote:
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else.
I have seen firefox fail on sites that work with system ping. Firefox uses its own resolver, not the system configured one, and in some (reproducible) circumstances it fails.
Does uninstalling nscd fix this?
I don't remember if I tried, but I can say that it affected both the computer and the android phone, both using Firefox, both worked in both using Chrome. And the phone doesn't have nscd. I solved the problem by going to Firefox preferences, search "DNS", click on advanced, then on "Configure Proxy Access to the Internet" set "Use system proxy settings" (I don't have a proxy) and unclick "Enable DNS over HTTPS" down the page. <https://support.mozilla.org/en-US/kb/firefox-dns-over-https#w_manually-enabling-and-disabling-dns-over-https> -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
On 19/04/2021 12.41, Carlos E. R. wrote:
On 19/04/2021 07.00, Jiri Slaby wrote:
On 16. 04. 21, 12:27, Carlos E. R. wrote:
On 16/04/2021 11.58, Michael Pujos wrote:
I've see something like this happening randomly in Firefox: occasionally, loading a page fails and works on a retry. Could be a Firefox specific issue though as I've not seen it anywhere else.
I have seen firefox fail on sites that work with system ping. Firefox uses its own resolver, not the system configured one, and in some (reproducible) circumstances it fails.
Does uninstalling nscd fix this?
I don't remember if I tried, but I can say that it affected both the computer and the android phone, both using Firefox, both worked in both using Chrome. And the phone doesn't have nscd.
I solved the problem by going to Firefox preferences, search "DNS", click on advanced, then on "Configure Proxy Access to the Internet" set "Use system proxy settings" (I don't have a proxy) and unclick "Enable DNS over HTTPS" down the page.
I tried to trigger the problem again, but it seems to have been solved. I'll describe in more detail the issue. I have a dynamic dns server pointing at my home. When power fails, my ISP gives me a new address. A cron job on my small server detects this and updates the external dns. A ping or ssh works instantly, pointing at the new address, but firefox keeps pointing to the old address, which now is assigned to another client of my provider, or to nobody, and thus, fails to connect to my apache. Today I tried twice, once after sending the previous email, and another now, power cycling my access hardware; the IP changed, but firefox, both on computer and android, keeps working, which means that the problem has been solved upstream meanwhile. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
In data venerdì 16 aprile 2021 10:49:41 CEST, John Paul Adrian Glaubitz ha scritto:
Any suggestion for a quick fix or workaround would be appreciated.
I have a similar issue in TW and had the same in 15.1 and 2 Leap. I found that setting in /etc/nscd.conf the value enable-cache hosts no did help a lot. In my experience nscd.conf has an issue when refreshing the cache that causes a DNS failure for a certain time frame (if you wait, typically after e.g. 20 minutes or so, the things turn normal. Setting this value solved the problem for me. I am using unbound BTW. I did not have to set it in TW but recently the issue appeared so i will try also to set it in TW. (TW typically: cannot resolve address in Firefox etc, (no, I did not use the build in DNS resolution of FF) and when you try with tor or tor browser all works).
participants (11)
-
Carlos E. R.
-
Cristian Rodríguez
-
Jiri Slaby
-
John Paul Adrian Glaubitz
-
Matt Anton
-
Michael Pujos
-
Michal Hlavac
-
Stakanov
-
Stratos Zolotas
-
wesley landaal
-
Wolfgang Rosenauer