DNS slows down other stuff

Question

I set up a local DNS server (because the router of our ISP doesn't support local DNS) and configured it to resolve to static IP addresses and forward other requests to the ISPs router. So the DNS works fine but now other clients which are trying to connect to other srvices on the server need a lot of time to connect. For example sshd and apt-cacher are very slow. While ssh works fine and fast on other servers. So it seems that the server is too slow to run that many services.

So the final question resulting from that is: How can i find out what slows down things that much?

The server is running on Debian jessie. The DNS server is bind9.

After some research in the syslog i found that bind9 is throwing a bunch of errors like in the following form:

Dec 28 18:36:18 cache named[3878]: DNS format error from 192.168.2.1#53 resolving www.arcor-online.net/A for client 192.168.2.3#48110: reply has no answer
Dec 28 18:36:18 cache named[3878]: error (FORMERR) resolving 'www.arcor-online.net/A/IN': 192.168.2.1#53

Okay i now found the error. I changed the IP address of the server but forgot to change the nameserver in /etc/resolv.conf. — Kritzefitz, Dec 28 '13 at 17:57
Happy I could help. :) You might want to answer your own question, and accept that answer, so others can see the issue as well. — Michael Graff, Dec 28 '13 at 18:05
I tried, but my reputation keeps me from answering my own question until tomorrow. — Kritzefitz, Dec 28 '13 at 18:07

score 1 · Answer 1 · answered Dec 28 '13 at 16:52

1

I am not sure what you mean by "the ISP's router server" here. Routers are not commonly DNS servers.

However, you can try ssh -v to see if the delay is on the remote end or on your client's end. Also, check the BIND 9 log to see if it is reporting any problems.

Short of that, and seeing if things resolve properly by using command like dig @127.0.0.1 flame.org. SOA to ensure your local DNS is working for names you are not authoritative for, without seeing configs, network traces, or debugging logs there's not much more help I can give.

answered Dec 28 '13 at 16:52

Michael Graff

6,668
1
24
36

Sorry. It seems that i misinterpreted the word "router". Now I realized that i actually mean the device (for which i don't have a name anymore) which contains the DHCP server, forwards DNS requests to our ISPs DNS server, contains a router and belongs to our ISP. – Kritzefitz Dec 28 '13 at 17:49
Are you talking about some sort of home gateway device, like the cable modem or DSL modem? In that case, yea, it's probably all one device. I had assumed, probably incorrectly, that this was in some sort of hosted server environment. – Michael Graff Dec 28 '13 at 17:58
Yeah i think it's a gateway device. Thanks for clarification. – Kritzefitz Dec 28 '13 at 18:06

score 1 · Accepted Answer · answered Dec 29 '13 at 10:30

The problem was a completely different than i expected. While configuring bind9 and worrying about how to structure the network surrounding the server i changed the IP address of the server and forgot to change the nameserver in /etc/resolv.conf. This means the server tried to contact an empty IP and stopped until the request timed out.

score 0 · Answer 3 · answered Dec 28 '13 at 17:48

It may be useful to look at processor, memory and storage utilization of the system.

A useful command to start with might be:

ps auxf | sort -nr -k 3 | head -10

Also you can use tools to see if process are waiting on slow or over accessed storage like:

vmstat 3

Even if you think you have way over kill of hardware it's important to take a look at the basics.

As always make sure you are running the latest updates from the Debian to ensure you aren't being affected by a bug or security flaw.

DNS slows down other stuff

3 Answers3