I'm doing planned maintenance and need to shut down a primary DNS host. Since my hosts do host lookups for LDAP commands, when I shut this service down, it takes forever (minutes) before the host tries the secondary host in /etc/resolv.conf. How can I make this go faster or prevent this behavior entirely?
- http://serverfault.com/questions/218724/avoiding-dns-timeouts-when-a-dns-server-fails covers a similar question – Håkan Lindqvist Jul 08 '14 at 20:22
- I guess I don't understand the idea of scheduling planned maintenance on a system that other systems depend on and then expecting those other systems to operate normally. The hosts have a dependency on DNS. You are performing maintenance on one of your DNS servers. You should account for this dependency in your planned maintenance. – joeqwerty Jul 09 '14 at 03:38
2 Answers
As was already pointed out in another answer, the timeout on the client can be adjusted but it's still not ideal if you want to be able to plan bringing down the resolver without adverse side effects.
You may be better off simply keeping something up at the IP address that your clients have as their primary resolver host. Maybe simply bring that IP up on the secondary during maintenance, if that is an option?
For a longer term solution maybe set up some cluster-based solution that ensures something is always available at that IP address.
I asked a similar question years ago that got some good alternatives to the stock DNS resolver: DNS/resolv.conf settings for a Primary DNS Server failure?
My current setup basically modifies /etc/resolv.conf with "options timeout:1". This means that if you don't get a response in a second, it tries another nameserver. Performance is still crap, but it's at least functional, and not nearly as bad as default.
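An added example, not part of either answer: a small parser for the resolv.conf settings discussed above that estimates how long sequential lookups stall on an unresponsive first nameserver. It assumes a simplified model (each lookup waits one full timeout before the next server is tried), uses the defaults and caps documented in resolv.conf(5), and the addresses and the lookup count of 24 are constructed sample values.

```python
# Added example: simplified model of the stub resolver settings in resolv.conf(5).
RES_TIMEOUT, RES_DFLRETRY, MAXNS = 5, 2, 3   # documented defaults / server limit
MAX_TIMEOUT, MAX_ATTEMPTS = 30, 5            # documented caps

def parse_resolv_conf(text):
    """Return the nameservers, timeout and attempts a resolv.conf text selects."""
    cfg = {"nameservers": [], "timeout": RES_TIMEOUT, "attempts": RES_DFLRETRY}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        key, *args = line.split()
        if key == "nameserver" and args and len(cfg["nameservers"]) < MAXNS:
            cfg["nameservers"].append(args[0])
        elif key == "options":
            for opt in args:
                name, _, value = opt.partition(":")
                if name == "timeout" and value.isdigit():
                    cfg["timeout"] = min(int(value), MAX_TIMEOUT)
                elif name == "attempts" and value.isdigit():
                    cfg["attempts"] = min(int(value), MAX_ATTEMPTS)
    return cfg

def stall_seconds(cfg, lookups=1):
    """Seconds lost waiting on a dead first nameserver across sequential lookups.

    Assumption: every lookup tries the first server, waits one timeout,
    then gets its answer from the next server. Returns None when there is
    no second server to fail over to.
    """
    if len(cfg["nameservers"]) < 2:
        return None
    return cfg["timeout"] * lookups

# Constructed sample files (192.0.2.0/24 is a documentation range).
DEFAULT_CONF = "nameserver 192.0.2.53\nnameserver 192.0.2.54\n"
TUNED_CONF = DEFAULT_CONF + "options timeout:1\n"

if __name__ == "__main__":
    for label, conf in (("default", DEFAULT_CONF), ("timeout:1", TUNED_CONF)):
        cfg = parse_resolv_conf(conf)
        # 24 sequential lookups is a constructed figure for illustration.
        print(f"{label}: {stall_seconds(cfg, lookups=24)}s stalled over 24 lookups")
```
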