Slow DNS on Linux with IPv4 and IPV6 Configured Firewall

Posted on in Categories , last updated July 4, 2011

I‘m getting slow DNS response from ssh and other network related traffic with delay of 30-60+ seconds per connection. All of our servers are behind hardware based dedicated firewall. My RHEL v6.1 server system running on HP hardware. How do I fix this problem?

This is well known problem with RHEL 6 based systems and can be fixed by adding the following line to /etc/resolv.conf

options single-request-reopen

Save and close the file. This should fix the problem as the resolver uses the same socket for the A and AAAA requests. Turning this option on changes this behavior so that if two requests from the same port are not handled correctly it will close the socket and open a new one before sending the second request[1].

References:

  • [1] This solution is documented RHN KB ID # 58626 (Red hat subscription required)

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on:

1 comment

  1. I ran into same issue and this is a very nice fix. Thanks. However, whenever I reboot the system, the line “options single-request-reopen” is gone from /etc/resolve.conf file.
    I disabled selinux and removed the line “/etc/resolv.conf” from the file /etc/selinux/restorecond.conf. Still no luck. After rebooting, the change is reversed. Do you have any idea? Thanks again.

    Reply Report comment

Leave a Comment

Tagged as: Tags , , , , , , , , , ,