Linux slow DNS lookup (delay = 5 seconds)

Objective

Some people notice a 5-second delay in some programs (mutt, wget, firefox) during the DNS lookup ("Looking up ......"), while a direct DNS lookup with host cs.columbia.edu has no delay. This is somehow related to IPv6 issues (start DNS with IPv6, wait 5 seconds...).

Bottom line: apt-get install bind9 and add `nameserver 127.0.0.1' to /etc/resolv.conf. Alternatively, add `options timeout:1' to /etc/resolv.conf.

Some observations and fixes

If /etc/resolv.conf contains the LAN gateway (a white DSL modem with some green lights on it),

nameserver 192.168.1.1

then there is a 5-second delay with programs such as mutt and wget http://....

There is no delay when trying e.g. host cs.columbia.edu

The delay disappears when trying wget -4 http://... so educated people immediately know that this is an IPv6 issue. These educated people say that IPv6 could be disabled altogether by running

sysctl net.ipv6.conf.all.disable_ipv6=1

or by modifying the /etc/default/grub file, adding the option `ipv6.disable=1' so that one of the lines looks like this:

GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet"

and then running `/usr/sbin/update-grub' to update grub. This did not help with wget and mutt.

The following line in /etc/resolv.conf,

nameserver 8.8.8.8

(this is some nameserver by Google) does not improve anything.

Adding the IP addresses of my favourite hosts to the /etc/hosts file did not give any improvement; DNS is still being used.

Adding to /etc/resolv.conf the line

options timeout:1

puts the "looking up... " delay down to 1 second.

For whatever reason, an *empty* /etc/resolv.conf makes programs such as mutt and wget connect instantaneously... aha, so does the line

nameserver 127.0.0.1

and this is only when the local DNS server bind9 is installed: apt-get install bind9 (or else host cs.columbia.edu returns nothing). To make sure that the file /etc/resolv.conf is not overwritten, run chattr +i /etc/resolv.conf


Alternative approach

We learned from Andrew Athan that the following page gives more details on the problem: udrepper.livejournal.com/20948.html

The problem is due to a resolver optimization that sends the A and AAAA (i.e., IPv4 and IPv6) requests at the same time; this does not work correctly with some cable modems and/or firewall setups, which end up returning only one response. Rather than turn off IPv6, you can add the line "options single-request" to /etc/resolv.conf, fix the DNS/firewall issue, or run a local caching server that works correctly.
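
The symptom and fixes above can be checked with a small diagnostic; this is an added example, not part of the original page. It compares an IPv4-only lookup (what wget -4 does) with a dual A/AAAA lookup and lists which of the page's resolv.conf fixes are not yet present. The function names and the 0.8 tolerance are assumptions; the 5-second default is the one documented in resolv.conf(5).

```python
import socket
import time

DEFAULT_TIMEOUT = 5.0  # resolv.conf(5): per-query timeout when no "options timeout:n" is set

def parse_resolv_conf(text):
    """Return (nameservers, options) parsed from the text of a resolv.conf file."""
    servers, options = [], {}
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":  # blank line or comment
            continue
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(fields[1])
        elif fields[0] == "options":
            for opt in fields[1:]:
                name, _, value = opt.partition(":")
                options[name] = value
    return servers, options

def time_lookup(host, family):
    """Seconds spent in getaddrinfo(); AF_INET corresponds to `wget -4`."""
    start = time.monotonic()
    try:
        socket.getaddrinfo(host, 80, family)
    except socket.gaierror:
        pass  # a failed lookup still shows how long the resolver waited
    return time.monotonic() - start

def classify(t_inet, t_unspec, conf_text, slack=0.8):
    """Compare an IPv4-only lookup with a dual A/AAAA lookup.
    `slack` is an assumed tolerance: a gap of slack*timeout or more counts as a stall."""
    servers, options = parse_resolv_conf(conf_text)
    timeout = float(options.get("timeout") or DEFAULT_TIMEOUT)
    stalled = (t_unspec - t_inet) >= slack * timeout
    untried = []
    if stalled:
        if "single-request" not in options:
            untried.append("options single-request")
        if timeout > 1:
            untried.append("options timeout:1")
        if "127.0.0.1" not in servers:
            untried.append("nameserver 127.0.0.1 (local caching server)")
    return {"timeout": timeout, "stalled": stalled, "untried": untried}

if __name__ == "__main__":
    with open("/etc/resolv.conf") as fh:
        conf = fh.read()
    host = "cs.columbia.edu"  # the host name used on this page
    print(classify(time_lookup(host, socket.AF_INET),
                   time_lookup(host, socket.AF_UNSPEC), conf))
```
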

In modern Linux releases you don't actually want to edit resolv.conf directly, but instead edit the appropriate file in /etc/resolvconf.d ... since resolv.conf is generated by the networking startup scripts.


No DNS with some wifi connections

While we are discussing resolv.conf, let me mention that it once happened to me on Ubuntu that with some (all??) wifi connections the DNS resolution stopped working, without any particular reason. Installing bind9 did not help. The fix was to link /etc/resolv.conf directly to the resolv.conf substitute corresponding to the appropriate wifi interface:

cd /etc
mv resolv.conf resolv.conf.old
ln -s /etc/resolvconf/run/interface/wlan0.dhclient resolv.conf

Since I was only using the wifi interface, this fixed the problem.

Written by Andrew Comech