Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: brianscally on January 10, 2006, 07:19:25 PM
-
I have a DW6000 Sat modem to the external port of my SME7 machine.
This is acting as a firewall/server for the internal network.
My issue is that the DIRECWAY service is very slow, and there DNS service does not respond in a timely manner to about 50% of DNS queries.
This causes DNSCACHE to store a value of 0.0.0.0 in the cache.
Then till the cache expires ( or I flush it ) I cannot obtain a valid IP address.
So what I want to do is lengthen the DNS time out so that ( hopefully ) I get a response in a timely manner.
I can't find how to do this, and I am not sure if it is a TINYDNS, or DNSCACHE issue.
Other than I am 'tickled pink' about the performance. The HTTP and EMAIL caches make SUCH a difference to the so sloooooww sat. link.
Brian
-
I have been investigating this further and have found that this is related to the tragets being predominently in Dynamic DNS. ( I have found no non dynamic addresses that I can't resolve). I have regressed the server to 6.5 and 6.0 and still see the problem.
I also see that Mike Mattos is seing a similar problem.
http://forums.contribs.org/index.php?topic=30210.0
Any takers for help here?
Brian
-
OK I have fixed all my problems.... well the DNS ones any way.
There were 2 issues, and it took me a while to get them seperated.
1) My DW6000 needed to be told to treat DNS queries as a priority.
I am fairly sure that this was set before.
2) Due the manner in which the server(s) was installed.
Server Only then Private Server Gateway
Not all the configuration files got pushed properly.
By foribly repushing all of the configuration files I managed to get this all working. Purrrrrfectly.
-
Due the manner in which the server(s) was installed.
Server Only then Private Server Gateway
Not all the configuration files got pushed properly.
By foribly repushing all of the configuration files I managed to get this all working. Purrrrrfectly.
Good news. There may be some issues there which may be of interest to the devteam. If the case, please enter a bug report (link on the left). In this way, it will be documented, as applicable. thanks.
-
I may be having the same problem I just built new server to replace 6.01 and was not able to get to 1/2 of tested wed sites with 7.Pre but worked fine with old server for 2 years. I get a responce of "The connection was refussed" I haven't been able to check out more just tested over the weekend. How did you chang the priority on the DW6000.
-
I may be having the same problem I just built new server to replace 6.01 and was not able to get to 1/2 of tested wed sites with 7.Pre but worked fine with old server for 2 years. I get a responce of "The connection was refussed" I haven't been able to check out more just tested over the weekend. How did you chang the priority on the DW6000.
OK I believe that the issue has been fixed with a code push of just the settings on the DW6000 and 6001
here is how to tell.
Step 1 - make sure the ether is hooked up properly
First make sure that you can ping the DW6000
Then confirm that it is DHCPing your WAN port.
If all looks good and you have the address of the ns.direcpc.com as your DHCP nameserver go to step 2
Step 2 - Can you talk DNS over the link
on the SME sever type ..
<sme>dnsq a www.aol.com 192.203.230.10
this should respond back really quickly with phrases like...
" authority: aol.com 172800 NS dns-07.ns.aol.com."
This is asking an external nameserver to look up the information
If it does this then your link is good and it is likely to be the SME server.
Step 3 - Bug 506
I am having a discusion on this with bug 506
http://bugs.contribs.org/show_bug.cgi?id=506
So now run dnsip www.cnn.com
This should come back quite fast. with an answer, if it time out then you are seeing the second problem that I had and are discussing in bug 506
I know how I think I solved the problem, but just take it one step at a time.
Next thing to do is see how your SME server is set up..
config show dnscache
config show tinydns
and we can take it from there.
-
Thank Brian I will tru tonight can't do it now as office is running on 6.01 now .
Keith
-
Brian I checked out the things you gave me the result are
dnscache=service
TCPPORT=53
UDPPORT=53
Access=private
status=enabled
Tinydns=service
udpport=53
access=localhost
status=enabled
of course the other test showed quick responce to the commands dnsq & dnsip
dumped the dnscache and tinydns log files if you need them
sorry for the delay I have to do this after the systems are down
-
I believe that these are the correct responses.
So the next thing to do is confirm that the configuration is pushed to all the necessary files.
On the server-manager, on the reboot/shutdown panel there is a pull down that includes ( something like these words any way)
Restart
Reconfigure
Shutdown
Select Reconfigure and click the button
The server will go and re-write all of the configuration files and reboot.
This solved my problem.
The other thing that may be worth checking is ... what files exist in the /services/dnscache/env directory? ( this is a link to another directory )
If memory serves I have seen the FORWARDONLY flag set, I can't remember if this is correct oir not.
I'm sorry if this is vauge my server is at home, and I don't have a server here in the office
Brian
-
... and we can take it from there.
Please report all problems and followup via the Bug Tracker only please.