Re: resolv.conf question

From: Doug Denault <doug_at_safeport.com>
Date: Tue, 11 Oct 2022 20:41:18 UTC

On Tue, 11 Oct 2022, Paul Procacci wrote:

> On Tue, Oct 11, 2022 at 1:03 PM Doug Denault <doug@safeport.com> wrote:
>       I have a resolv.conf specifying two name servers. The first one is in the
>       same data center, the second one is an Amazon virtual server. I had to
>       reboot a jail system. As Murphy would have it the local nameserver for some
>       reason did not answer when the jails were started.
>
>       I had assumed that if server one was not available then after the fail time
>       server two was tried. This only happened for the first jail. The Linux
>       writeups (as I understand them) would seem to imply the second server
>       should be tried.
>
>       So I tried to RTFM, /usr/src/contrib/ldns/resolver.c in this case. It is
>       almost certain that the system was up but bind did not respond. The source
>       is a bit above my pay grade but it did seem possible that if that was the
>       case, the second server was never tried. This is what actually happened.
>
>       There were no other issues as each of the jails started fine with a manual
>       boot. Does anyone know if the timeout and/or retry settings offer a way
>       around this?
>
>       _____
>       Douglas Denault
>       http://www.safeport.com
>       doug@safeport.com
>       Voice: 301-217-9220
>          Fax: 301-217-9277
> 
> Hi Doug,
> 
> They are certainly tried in succession.
> 
> If you couldn't resolve a given name, then something was certainly wrong. 
> For testing, had you tried moving the second to the first?
> 
> I'd bet the result would have been the same and there was instead 
> something else going on.

Thanks Paul.

For performance reasons, especially if the first listed server is always 
used, I want that in our data center. Aside from speed, no hacking is 
possible. My purpose here is to figure out how resolv.conf works. If more than 
one entry is effectively useless, I would be tempted to use 8.8.8.8. Also 
the jail mother had not been booted in several months and only now because 
I f-ed up changing the root password.




_____
Douglas Denault
http://www.safeport.com
doug@safeport.com
Voice: 301-217-9220
   Fax: 301-217-9277