disabling nscd host cache not a good workaround for DNS problems

disabling nscd host cache not a good workaround for DNS problems

Post by Steve VanDevende » Tue, 15 Jul 1997 04:00:00



Ever since we installed patch 103667-05 (for Solaris 2.5) we've had
problems with intermittent failures of DNS lookups.  I've seen and
understood the explanations for this, involving the difficulty of
multithreading resolver lookups and the resulting bottleneck in nscd.
Lately we've been trying the Sun-recommended workaround of disabling the
host cache in nscd.  This has been partly successful; it seems to
improve behavior of many things, but caused netscape to fail to find any
hosts not in /etc/inet/hosts.  We were able to fix that by editing the
netscape binary to link with libresolv.so.2 instead of.1.  Since then
we've discovered another undesirable effect of this workaround: the CDE
login process also will not work with any X terminals that aren't in
/etc/inet/hosts.  We're using the Sun-supplied CDE suite with the latest
patches.  Clearly this workaround isn't optimal, and since our site has
a large number of X terminal users and it's not trivial to find all of
them and make /etc/inet/hosts entries for them we may have to go back to
the not-quite-as-badly-broken situation of using the nscd host cache
again.

Frankly, at this point we're a little annoyed that it's taken this long
to get a fix from Sun for such a serious problem, and clearly the
workaround breaks many applications even while fixing some of the nscd
bottleneck problems.  I at least hope this is going to be fixed in 2.6,
but a patch for 2.5 would be desirable too.

--


"bash awk grep perl sed df du, du-du du-du,
vi troff su fsck rm * halt LART LART LART!" -- the Swedish BOFH

 
 
 

disabling nscd host cache not a good workaround for DNS problems

Post by Steve VanDevende » Thu, 17 Jul 1997 04:00:00




> > Ever since we installed patch 103667-05 (for Solaris 2.5) we've had
> > problems with intermittent failures of DNS lookups.  I've seen and
> > understood the explanations for this, involving the difficulty of
> > multithreading resolver lookups and the resulting bottleneck in nscd.

> we have a problem too: when nscd hostcache is disabled, sendmail
> has dns lookup problems. These problems are not there when host cache
> is enabled

We had that problem too, but were able to fix it by relinking sendmail
with libresolv.so.2 (we use Berkeley sendmail, not the stock Solaris
one, though).  Most applications seem to behave much, much better with
libresolv.so.2 than libresolv.so.1, especially if they do frequent DNS
lookups.

--


"bash awk grep perl sed df du, du-du du-du,
vi troff su fsck rm * halt LART LART LART!" -- the Swedish BOFH

 
 
 

1. disabling negative nscd caching?

I want to disable negative caching on hostname lookups on a particular
system.  From looking at the debugging output, it seems setting

negative-time-to-live   hosts   0

does the trick.  Does anyone know if that is the canonical way?
--
Jim Davis

2. Kernel configuation is broken

3. sendmail and nscd hosts caching

4. S3 S3 S3 X X X S3 S3 S3

5. nscd dynamic enable/disable not working in Solaris 8?

6. running a script via cron, zombies

7. caching dns appears to not cache.

8. RTM finger bug?

9. nscd does not update /etc/hosts?

10. Cache dns & local hosts adresses

11. Caching DNS and /etc/hosts entries?

12. Viewing nscd cache

13. nscd vs caching nameserver