Network stand still

**This was posted in another forum, I suspect the wrong one; moved here.**
Hello all. Let me qualify my question by saying that I am struggling with how to ask the question. I am semi green but have no issue reading up if pointed in the right direction. Please be gentle!

A RHEL 6.2 server. It hosts a statistical application that has some web apps and a batch programming interface.

Problem:
Lately we moved offices.

  1. Now logging in via PuTTY via ssh was taking long, so a power user set UseDNS no, which sped up login.
  2. Issue: Once we start our application (web app), login speed is fine, but any action that requires a response, such as navigating or opening a file, hour clocks and either ends in error or, in some cases, renders the requested item after 5 minutes.
  3. RAM is 65 GB, 45 GB is free (from top)
  4. Load at most 1.35, usually around .5 avg.
  5. Dedicated to host one application
  6. At most 2-3 concurrent sessions expected, but I see only 1
  7. tracert was 1ms
  8. Ping replies w/o data loss
  9. PuTTY session (ssh) connects in seconds

I have run some commands and their output is listed below:

```
[rsas@lazer ~]$ host -t a lazer.aii-3.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ host -t ns lazer.aii-3.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ host -t mx lazer.aii-3.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ host -a lazer.aii-3.com
Trying "lazer.aii-3.com"
;; connection timed out; trying next origin
Trying "lazer.aii-3.com.aii-3.com"
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ host -6 lazer.aii-3.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ host 10.20.18.140
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ host -v -t a lazer.aii-3.com
Trying "lazer.aii-3.com"
;; connection timed out; trying next origin
Trying "lazer.aii-3.com.aii-3.com"
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ dig +trace lazer.aii-3.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> +trace lazer.aii-3.com
;; global options: +cmd
;; connection timed out; no servers could be reached
[rsas@lazer ~]$ dig +noall +answer lazer.aii-3.com
;; connection timed out; no servers could be reached
```

I am not sure how to proceed. Any guidance/insight is deeply appreciated.

Can you show us:-

  • The content of /etc/resolv.conf
  • The content of /etc/nsswitch.conf

If you have completely turned off DNS, then you may be unable to resolve anything. If there is a slow login, then this is because the DNS servers are incorrectly configured. I've seen this before and there is about a 30 second login delay as the unix server tries to look up the incoming IP address for logging purposes.

There is a way to limit the timeout, but the real way to fix this is to have the DNS servers respond properly and say "unknown" straight away rather than panic and say nothing. This can be because they are looking to pass on the query to another DNS server that is higher up the tree (so to speak).

Thanks, in advance,
Robin

I so appreciate your response and the time you used. You are correct. The problem was twofold. One, due to our location move, some NAT policies were not updated. Second, on the server itself, the nameserver was pointing to the firewall server versus the DNS server. Did the correction in resolv.conf. So far so good. I am curious about your nsswitch and I will look that up.

Once again, thank you!

RS

I'm glad it helped. The nsswitch.conf file sets the order that queries are resolved, so you can point to DNS, files, NIS+ etc. in the order that is appropriate to you.

Always better to use DNS than to ignore it. Further changes can be a real nightmare without it.

Regards,
Robin

Well sir, I spoke early.

I changed the value in resolv.conf as:

```
# Generated by NetworkManager
search aii-3.com
nameserver 192.168.1.6
#nameserver 10.20.18.1
nameserver 75.75.75.75
```

I did not change the nsswitch.conf and things started to be very fast, happiness abound.

However, the output of nm-tool | grep DNS remains:

```
 DNS:             10.20.18.1
 DNS:             75.75.75.75
```

My other Linux box, where I did not experience any such latency, has these values:

nm-tool | grep DNS

```
    DNS:             10.20.18.1
    DNS:             64.244.51.1
```

resolv.conf

```
cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 75.75.75.75
nameserver 75.75.75.76
#nameserver 10.20.18.1
#nameserver 64.244.51.1
```

I am unsure if I should match the value to be consistent or leave them as is...
Here is nsswitch.conf:

```
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
#       nisplus                 Use NIS+ (NIS version 3)
#       nis                     Use NIS (NIS version 2), also called YP
#       dns                     Use DNS (Domain Name Service)
#       files                   Use the local files
#       db                      Use the local database (.db) files
#       compat                  Use NIS on compat mode
#       hesiod                  Use Hesiod for user lookups
#       [NOTFOUND=return]       Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   nisplus

publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus
```

I hope that this catches your attention and I could get a bit of your time and help. Thank you very much in advance,

RS

---------- Post updated at 01:02 PM ---------- Previous update was at 01:01 PM ----------

nsswitch.conf is from server that had the latency issue and whose IP was corrected in the resolv.conf file.

---------- Post updated at 07:10 PM ---------- Previous update was at 01:02 PM ----------

I did change the other two to match the local DNS server address. From my laptop, if I do nslookup, I get these results and I am a bit puzzled:

```
C:\Users\Owner>nslookup aiilnx.aii-3.com
Server:  UnKnown
Address:  192.168.1.6
*** UnKnown can't find aiilnx.aii-3.com: Non-existent domain
```
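
The mismatch between the hand-edited resolv.conf and the `nm-tool | grep DNS` output in the post above can be checked mechanically. This is an added example, not part of the thread: the function names are hypothetical, and the sample files are constructed from the values quoted in the posts.

```shell
#!/bin/bash
# Added example: the sample data below is constructed from values quoted in the thread.

# Active (uncommented) nameserver lines, in the order the resolver tries them.
resolv_nameservers() { awk '$1 == "nameserver" { print $2 }' "$1"; }

# DNS servers as listed in saved `nm-tool` output.
nm_nameservers() { awk '$1 == "DNS:" { print $2 }' "$1"; }

# Print one line per address that appears on only one side.
dns_drift() {
    local resolv="$1" nm="$2" ns
    for ns in $(resolv_nameservers "$resolv"); do
        nm_nameservers "$nm" | grep -qxF "$ns" || echo "resolv.conf-only $ns"
    done
    for ns in $(nm_nameservers "$nm"); do
        resolv_nameservers "$resolv" | grep -qxF "$ns" || echo "NetworkManager-only $ns"
    done
}

# Query each active nameserver once with a 2-second limit, so a dead first
# entry shows up immediately (needs network access and dig; not run in the demo).
probe_nameservers() {
    local ns
    for ns in $(resolv_nameservers "$1"); do
        if dig +time=2 +tries=1 +short "@$ns" "$2" >/dev/null 2>&1; then
            echo "$ns answered"
        else
            echo "$ns no-answer"
        fi
    done
}

# Constructed sample inputs, copied from the values shown in the thread.
demo_dir=$(mktemp -d)
cat > "$demo_dir/resolv.conf" <<'EOF'
# Generated by NetworkManager
search aii-3.com
nameserver 192.168.1.6
#nameserver 10.20.18.1
nameserver 75.75.75.75
EOF
cat > "$demo_dir/nm-tool.txt" <<'EOF'
 DNS:             10.20.18.1
 DNS:             75.75.75.75
EOF
dns_drift "$demo_dir/resolv.conf" "$demo_dir/nm-tool.txt"
```

A file headed "Generated by NetworkManager" is rewritten when NetworkManager reactivates the connection, so any drift reported here means the manual nameserver change can be lost until the connection's own DNS settings are updated as well.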