MacOS – Mavericks Server: DNS: Increase forwarder timeout

dns macos osx-server

The question:

How can I increase the timeout for querying the forwarder DNS on OS X Server 3.1.2?

I get DNS errors, which I believe could be solved by increasing the timeout for querying the forwarder DNS server.

My environment:

I'm using Mac OS X 10.9.5 with the OS X Server 3.1.2. I use the DNS service in the OS X Server. A forwarder has been set to my internet gateway (a FritzBox, which is a DSL modem plus tons of other features including a DNS server.)
EDIT: I set a second forwarder to 8.8.8.8.

Consider this collection of things:

[MacBook Air] <--> [Mac Mini Server] <--> [Fritz!Box] <--> internet

The symptom:

I open github.com in the browser, it obviously cannot resolve the host immediately and waits… and waits… and finally shows the error that the host cannot be resolved.

The wireshark info:

On the MacMiniServer I ran Wireshark and could basically see this flow of packets:

[MacBookAir]    -> [MacMiniServer] : #1 : Ask for github.com
[MacMiniServer] -> [Fritz!Box]     : #2 : Ask for github.com
[MacMiniServer] -> [OtherDNS]      : #3 : Ask for github.com
[MacMiniServer] <- [Fritz!Box]     : #2 : reply with github.com IP
...

The fourth line occurred about 1.5 sec after the second line. So I assume that the DNS server saw the first query time out (#2) and asked another server. After 1.5 sec the FritzBox answered, but the MacMiniServer doesn't care any more and waits for the OtherDNS to answer. This repeats with many other DNS servers, and finally leads to a failed lookup.

Our connection quality is currently very bad at our place and things get worse when I am downloading something. This seems to make the DNS roundtrip take longer than 1 sec and trigger lookup failures in many clients (computers, iPhones, etc.).

EDIT: After I added 8.8.8.8 as another forwarder in the OS X Server DNS, the following behaviour can be seen: The server forwards to the FritzBox. After a certain time, it forwards to 8.8.8.8. Then the responses come in from both FritzBox and 8.8.8.8. However, the problem persists and from time to time, the system fails with name resolution. The problems mostly occur during times when I assume that many households in the neighbourhood use IP-based TV.

How to fix?

I'd like to stay with the OS X Server solution and adjust the settings there. If this is not possible, I am willing to set up my own DNS server. (I did it on my FreeBSD server before switching to the Mac Mini Server, so that's an option, but I'd like to keep the "customization" of the server as low as possible.)

EDIT: I am a bit confused as to why I am having these problems after switching over to a Mac Server (never occurred with the FreeBSD box). However, I could also imagine that the region with its poor DSL quality is getting no attention by the ISP and things are just getting worse with increasing age of the cables and the switch to Mac is just a coincidence…

Best Answer

A DNS server that is configured to use a forwarder behaves as follows:

  • When the DNS server receives a query, it attempts to resolve this query by using the zones that it hosts and by using its cache.
  • If the query cannot be resolved using local data, the DNS server forwards the query to the DNS server that is designated as a forwarder.
  • If forwarders are unavailable, the DNS server attempts to use its root hints to resolve the query.

I doubt such a timeout setting exists. Any timeout setting would just slow down the query forwarding to the forwarders. Additionally, both forwarders (Fritz!Box/OtherDNS) you define in the Mac Server settings would suffer from a timeout.

Skip the Fritz!Box and add one or two reliable & fast DNS servers (OpenDNS/Google).

You may check namebench to get some other fast and reliable forwarders.

I use the same setup (Server/Fritz!Box) and I get 50 ms from localhost and 77 ms from dnscache.berlin.ccc.de.
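
Added example, not part of the question or the answer above: a small Python script that takes a field export of a capture like the one described in the question and reports, per forwarder, the median round trip, the replies that arrived later than a chosen threshold, and the queries that never got a reply. The addresses, the sample rows, the function name `forwarder_report` and the 1-second `late_after` threshold are assumptions made for illustration.

```python
import statistics
from collections import defaultdict

# Constructed sample in the tab-separated layout produced by:
#   tshark -r capture.pcap -Y dns -T fields -e frame.time_relative \
#     -e ip.src -e ip.dst -e dns.id -e dns.flags.response -e dns.qry.name
# Hypothetical addresses: 192.168.178.2 = DNS server, 192.168.178.1 = Fritz!Box,
# 192.168.178.20 = a client (its query to the server is ignored by the report).
SAMPLE = "\n".join([
    "0.000\t192.168.178.20\t192.168.178.2\t0x0101\t0\tgithub.com",
    "0.001\t192.168.178.2\t192.168.178.1\t0x1a2b\t0\tgithub.com",
    "0.800\t192.168.178.2\t8.8.8.8\t0x3c4d\t0\tgithub.com",
    "1.501\t192.168.178.1\t192.168.178.2\t0x1a2b\t1\tgithub.com",
    "1.620\t8.8.8.8\t192.168.178.2\t0x3c4d\t1\tgithub.com",
    "2.000\t192.168.178.2\t192.168.178.1\t0x5e6f\t0\texample.org",
    "2.040\t192.168.178.1\t192.168.178.2\t0x5e6f\t1\texample.org",
    "3.000\t192.168.178.2\t8.8.8.8\t0x7a8b\t0\texample.net",
])

def forwarder_report(capture, server_ip, late_after=1.0):
    """Pair the server's forwarded queries with replies by (forwarder, DNS id)."""
    pending = {}                 # (forwarder, txid) -> (first send time, name)
    rtts, late = defaultdict(list), defaultdict(list)
    for line in capture.splitlines():
        fields = line.split("\t")
        if len(fields) != 6:
            continue             # skip malformed rows
        t, src, dst, txid, resp, name = fields
        is_reply = resp.strip().lower() in ("1", "true")  # tshark prints either form
        if not is_reply and src == server_ip:
            pending.setdefault((dst, txid), (float(t), name))  # keep first send on retry
        elif is_reply and dst == server_ip:
            sent = pending.pop((src, txid), None)
            if sent is None:
                continue         # duplicate or unmatched reply
            rtt = round(float(t) - sent[0], 3)
            rtts[src].append(rtt)
            if rtt > late_after:
                late[src].append((sent[1], rtt))
    report = {}
    for fwd in set(rtts) | {key[0] for key in pending}:
        report[fwd] = {
            "median_rtt": round(statistics.median(rtts[fwd]), 3) if rtts[fwd] else None,
            "late": late[fwd],
            "unanswered": sorted(n for (f, _), (_, n) in pending.items() if f == fwd),
        }
    return report

if __name__ == "__main__":
    for fwd, stats in sorted(forwarder_report(SAMPLE, "192.168.178.2").items()):
        print(fwd, stats)
```

Run over a capture taken during a bad period, the `late` and `unanswered` lists show whether a given forwarder is slow, dropping queries, or both.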