Slow DNS on Linux with IPv4 and IPV6 Configured Firewall

I‘m getting slow DNS response from ssh and other network related traffic with delay of 30-60+ seconds per connection. All of our servers are behind hardware based dedicated firewall. My RHEL v6.1 server system running on HP hardware. How do I fix this problem?

This is well known problem with RHEL 6 based systems and can be fixed by adding the following line to /etc/resolv.conf

options single-request-reopen

Save and close the file. This should fix the problem as the resolver uses the same socket for the A and AAAA requests. Turning this option on changes this behavior so that if two requests from the same port are not handled correctly it will close the socket and open a new one before sending the second request[1].


  • [1] This solution is documented RHN KB ID # 58626 (Red hat subscription required)

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 1 comment so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
1 comment… add one
  • Rocky Jun 15, 2012 @ 13:55

    I ran into same issue and this is a very nice fix. Thanks. However, whenever I reboot the system, the line “options single-request-reopen” is gone from /etc/resolve.conf file.
    I disabled selinux and removed the line “/etc/resolv.conf” from the file /etc/selinux/restorecond.conf. Still no luck. After rebooting, the change is reversed. Do you have any idea? Thanks again.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum