DNS Issue?


#1

Hello all -

I recently switched my setup to use internal 10.0.0.x IPs for the
backend webserver connections. For 18-19 hours, it was fine, but now
I’m seeing issues. Each requests takes a LONG time to return. If I
switch back to the publicly accessible IPs, things work fine.

Any thoughts? Perhaps it’s trying to some sort of dns lookup and
failing?

Thanks!


#2

Hmmm, it appears we have general problems with using our 10.0.0.x
addresses. For example, doing something like:
ssh 10.0.0.2
takes a LONG time to return.

If I do something like
123.123.123 (my public IP),
things return promptly.

Perhaps this is a general networking question less than
nginx-specific, but thought I’d check if anyone has any good
suggestions! Thanks!


#3

On Wed, Oct 15, 2008 at 11:16 PM, Neil S. removed_email_address@domain.invalid wrote:

nginx-specific, but thought I’d check if anyone has any good
suggestions! Thanks!

Let me guess your sshd is doing reverse DNS lookups and you have no
internal DNS serving your 10.x.x.x network.

Cheers
Kon


#4

Hi Niel,

Have you traced the backend connection with tshark or ngrep to see what
traffic is flowing between nginx and your backend machines ?

Cheers

Dave

On Wed, 15 Oct 2008 22:24:52 -0700, Neil S. removed_email_address@domain.invalid wrote:

Hello all -

I recently switched my setup to use internal 10.0.0.x IPs for the
backend webserver connections. For 18-19 hours, it was fine, but now
I’m seeing issues. Each requests takes a LONG time to return. If I
switch back to the publicly accessible IPs, things work fine.

Any thoughts? Perhaps it’s trying to some sort of dns lookup and
failing?


#5

Try adding an entry for it in /etc/hosts


#6

I just added the following in the /etc/hosts file for each of my
servers:

10.0.0.2 mydomain.com
10.0.0.3 mydomain.com
10.0.0.4 mydomain.com
10.0.0.5 mydomain.com
10.0.0.6 mydomain.com
10.0.0.7 mydomain.com
10.0.0.8 mydomain.com
(repeated for each IP I have assigned)

A bit tedious, but seems to have solved the issue. Any downsides to
this?

Thanks!


#7
Basically, Kon was on point. Set up an internal DNS.

Since you have atleast 8 servers, and I guess probably more, you really need to think about using a local DNS, or you will have to modify the hosts file on each one of those when&if you make changes.

Lp

Neil S. wrote:
I just added the following in the /etc/hosts file for 
each of my servers:

10.0.0.2 mydomain.com
10.0.0.3 mydomain.com
10.0.0.4 mydomain.com
10.0.0.5 mydomain.com
10.0.0.6 mydomain.com
10.0.0.7 mydomain.com
10.0.0.8 mydomain.com
(repeated for each IP I have assigned)

A bit tedious, but seems to have solved the issue. Any downsides to
this?

Thanks!

On Thu, Oct 16, 2008 at 2:04 AM, CryptWizard <removed_email_address@domain.invalid>
wrote:

Try adding an entry for it in /etc/hosts

On Thu, Oct 16, 2008 at 7:13 PM, Neil S. <removed_email_address@domain.invalid> wrote:



I think this IS the issue, Kon.  For example, I do:
traceroute -n 10.0.0.2
Returns immediately

I do
traceroute 10.0.0.2
Takes quite some time.

Thoughts on how to resolve this? Perhaps my settings in ifcfg-eth1
aren’t complete?

On Wed, Oct 15, 2008 at 11:23 PM, Kon W. <removed_email_address@domain.invalid> wrote:



On Wed, Oct 15, 2008 at 11:16 PM, Neil S. <removed_email_address@domain.invalid> wrote:


Hmmm, it appears we have general problems with
using our 10.0.0.x
addresses. For example, doing something like:
ssh 10.0.0.2
takes a LONG time to return.

If I do something like
123.123.123 (my public IP),
things return promptly.

Perhaps this is a general networking question less than
nginx-specific, but thought I’d check if anyone has any good
suggestions! Thanks!



Let me guess your sshd is doing reverse DNS lookups
and you have no
internal DNS serving your 10.x.x.x network.

Cheers
Kon

    </pre>
  </blockquote>
</blockquote>
<pre wrap="">
</pre>
  

#8

I’m still not sure “what” is doing the lookup - nginx? Apache on the
backend? (I have HostnameLookup off there.)


#9

I think this IS the issue, Kon. For example, I do:
traceroute -n 10.0.0.2
Returns immediately

I do
traceroute 10.0.0.2
Takes quite some time.

Thoughts on how to resolve this? Perhaps my settings in ifcfg-eth1
aren’t complete?