Slow DNS on Linux with IPv4 and IPv6 Configured Firewall


I'm getting slow DNS responses from ssh and other network related traffic, with a delay of 30-60+ seconds per connection. All of our servers are behind a hardware-based dedicated firewall. My RHEL v6.1 server system is running on HP hardware. How do I fix this problem?

This is a well-known problem with RHEL 6 based systems and can be fixed by adding the following line to /etc/resolv.conf:

options single-request-reopen

Save and close the file. This should fix the problem. By default, the resolver uses the same socket for the A and AAAA requests, and some hardware mistakenly sends back only one reply, which leaves the client waiting for the second. Turning this option on changes this behavior so that if two requests from the same port are not handled correctly it will close the socket and open a new one before sending the second request[1].
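To confirm this failure mode before or after changing the resolver, the following added example (not part of the original article) scans text output from `tcpdump -n udp port 53` for client sockets that sent both an A and an AAAA query from one source port and received fewer replies than queries. The capture lines, addresses and the function name `stalled_sockets` are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the text format of `tcpdump -n udp port 53`
# (documentation-range addresses; not captured from a real host).
SAMPLE = """\
10:00:00.000100 IP 192.0.2.10.41000 > 192.0.2.1.53: 1111+ A? www.example.com. (33)
10:00:00.000150 IP 192.0.2.10.41000 > 192.0.2.1.53: 2222+ AAAA? www.example.com. (33)
10:00:00.020000 IP 192.0.2.1.53 > 192.0.2.10.41000: 1111 1/0/0 A 198.51.100.7 (49)
10:00:09.000100 IP 192.0.2.10.41001 > 192.0.2.1.53: 3333+ A? www.example.com. (33)
10:00:09.000150 IP 192.0.2.10.41001 > 192.0.2.1.53: 4444+ AAAA? www.example.com. (33)
10:00:09.020000 IP 192.0.2.1.53 > 192.0.2.10.41001: 3333 1/0/0 A 198.51.100.7 (49)
10:00:09.021000 IP 192.0.2.1.53 > 192.0.2.10.41001: 4444 0/1/0 (94)
10:00:12.000100 IP 192.0.2.10.41002 > 192.0.2.1.53: 5555+ A? db.example.com. (32)
"""

# timestamp, "IP", src.port > dst.port:, transaction id (+flags), payload summary
LINE = re.compile(
    r"^\S+ IP (\S+)\.(\d+) > (\S+)\.(\d+): (\d+)\S*(?: \[[^\]]*\])? (.*)$")
QUERY = re.compile(r"^(A|AAAA)\? ")

def stalled_sockets(capture):
    """Return (client, source port, unanswered query types) for every client
    socket that sent both A and AAAA queries but is missing a reply."""
    queries = defaultdict(dict)   # (client, port) -> {txid: query type}
    answered = defaultdict(set)   # (client, port) -> {txid seen in a reply}
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        src, sport, dst, dport, txid, rest = m.groups()
        q = QUERY.match(rest)
        if dport == "53" and q:
            queries[(src, int(sport))][txid] = q.group(1)
        elif sport == "53":
            answered[(dst, int(dport))].add(txid)
    findings = []
    for sock, sent in sorted(queries.items()):
        # Only the paired A + AAAA pattern on one source port is of interest.
        if {"A", "AAAA"} <= set(sent.values()):
            missing = sorted({t for i, t in sent.items()
                              if i not in answered[sock]})
            if missing:
                findings.append((sock[0], sock[1], missing))
    return findings

if __name__ == "__main__":
    for client, port, missing in stalled_sockets(SAMPLE):
        print(f"{client}:{port} sent A+AAAA, no reply for {', '.join(missing)}")
```

A port reported here matches the pattern this option works around; a lone unanswered query, like port 41002 in the sample, is ordinary loss and is not reported.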

References:

  • [1] This solution is documented in RHN KB ID # 58626 (Red Hat subscription required)

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting.

1 comment

  1. I ran into the same issue and this is a very nice fix. Thanks. However, whenever I reboot the system, the line “options single-request-reopen” is gone from the /etc/resolv.conf file.
    I disabled SELinux and removed the line “/etc/resolv.conf” from the file /etc/selinux/restorecond.conf. Still no luck. After rebooting, the change is reversed. Do you have any idea? Thanks again.