Re: auth: Warning: DNS lookup took 1.550 s

Wed, 04 Feb 2015 12:29:02 -0800

how do you come to the conclusion that it matters how busy "this server is"? jesus christ you are asking *remote servers* for their answers and the request as well the answer passes different routers, ISP's and likely a *chain of forwarders* until you don't recursion at your own and even if you do you have no control how overloaded one of the networks between you and the auth dns server or this server itself is
*any* of the involved forwarders, networks and auth nameservers are responsible for the time to resolve your query 


frankly "I see around 5-6 times per day the following warning" as reason 
for writing a mail and continue insist the problem is on your side shows 
missing network understanding


Am 04.02.2015 um 17:48 schrieb ML mail:

Thanks for your comments. I understand as DNS uses UDP that there could be some 
DNS queries which might get lost if the CPU or network is too busy but the 
thing is that this server is not so busy really. It has 2 cores with 4 GB of 
RAM and the CPU averages to 2% usage. The network averages to 1 Mbit/s traffic 
and there are around 600-700 processes running for 1100 mailboxes. Note here 
that this server is simply a proxy server, mailboxes are located on a separated 
server on the same LAN, the same applies to the database which has its own 
server too. These are all virtual machines by the way.

I am not running a local DNS cache on the server. As suggested using a local 
DNS cache would simply fix this issue but I am more interested to know what is 
generating these slow DNS queries...

On Wednesday, February 4, 2015 2:59 PM, LuKreme <[email protected]> wrote:
On 04 Feb 2015, at 03:38 , ML mail <[email protected]> wrote:

I am running a dovecot and proxy server on two different virtual machines and 
on the dovecot proxy server I see around 5-6 times per day the following 
warning:

Feb 03 16:15:12 auth: Warning: 
proxy([email protected],xxx.xxx.xxx.xxx,<ABC123456789>): DNS lookup for 
mailboxserver.domain.com took 1.550 s


If you are seeing a warning that dans lookup took 1.5 seconds 5-6 times a day, 
why are you concerned?


I do not really understand how from time to time DNS queries are slow,


Because from time to time, queries are slow. A hiccough in the line, the server 
is slightly busy doing something else. There’s a lot of bandwidth during those 
1.5 seconds being used. It could be anything. If you were seeing hundreds of 
these warning, or if the times were over 5 seconds, then I’d worry.



I tried replicate this issue using dig to resolve the same DNS entry and it was 
always very fast. Is there any way I can debug better this issue? or is this 
nothing to worry about really?


I would not worry about it based on these numbers





Attachment:
signature.asc

Description: OpenPGP digital signature






















					Reply via email to