Debian – Reverse DNS lookups slowing down network operations on LAN

Tags: debian, dns, linux, networking

Environment

My LAN setup is quite basic:

  • A router connected to the ISP's modem and the internet
  • My development PC directly connected to the router

The router provides DHCP but does not run its own DNS server. In fact, there is no DNS server hosted anywhere on my LAN (typical home network setup). The router is configured to send the ISP's DNS servers as part of the DHCP lease information.

I set up a VirtualBox machine on my development PC and installed Debian Squeeze (6.0.4) on it. The VirtualBox network mode is Bridged Adapter to simulate a standalone server on my LAN. Being a VirtualBox server instead of a physical server is not really important, but I mention it for completeness.

The Problem

Every time a network operation executes a DNS reverse lookup of a LAN IP prior to executing, the server has long delays. Some examples of slow network operations:

  • SSH connection to the server from my dev PC
  • Connection to admin port of Glassfish server
  • netstat -l (netstat -nl is very fast)
  • Starting MTA: exim4 on boot takes a long time to complete

Some of these have workarounds like adding my dev PC's IP to /etc/hosts or adding a command-specific option to avoid doing DNS reverse lookups. Obviously, using /etc/hosts only goes so far because it is at odds with DHCP.

However, I can't help but think that I'm missing something. Do I really need to set up a DNS server somewhere on my LAN? That seems like a huge and useless effort for my needs and I can't believe there isn't another option in a DHCP environment like mine.

I searched the net a lot for this and maybe I don't have the right search terms, but I can't find the solution…

update 1 following BillThor's answer

Using host (dig gives the same results):

# ip of stackoverflow.com
$ time host -v 64.34.119.12
Trying "12.119.34.64.in-addr.arpa"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15537
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;12.119.34.64.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
12.119.34.64.in-addr.arpa. 143  IN      PTR     stackoverflow.com.

Received 74 bytes from 192.168.1.1#53 in 15 ms

real    0m0.020s
user    0m0.008s
sys     0m0.000s

# ip of dev pc
$ time host -v 192.168.1.50
Trying "50.1.168.192.in-addr.arpa"
;; connection timed out; no servers could be reached

real    0m10.004s
user    0m0.004s
sys     0m0.000s

My /etc/resolv.conf (was automatically created during installation)

nameserver 192.168.1.1

Both host and dig return very fast for a public IP but take 10s to timeout for a LAN IP. I guess 10s is my current timeout value.

update 2

With dev-pc in /etc/hosts file:

$ time getent hosts 192.168.1.50
192.168.1.50    dev-pc

real    0m0.001s
user    0m0.000s
sys     0m0.000s

Without dev-pc in /etc/hosts file:

$ time getent hosts 192.168.1.50

real    0m10.012s
user    0m0.004s
sys     0m0.000s

It looks more and more like I'll have to find piecewise program options or parameters for each one trying to do reverse DNS lookups! None of the machines (virtual or not) can act as a DNS server on my LAN since they are not always up. Unfortunately, the router's firmware doesn't include a DNS server.

Best Answer

Is 192.168.1.1 your router's IP address?

nameserver 192.168.1.1 suggests your router is advertising itself as a DNS server, rather than "sending the ISP's DNS servers".

What brand and model of router do you have? Does the web interface show log messages?

I'm wondering if your router is forwarding the request to your ISP's nameservers, but your ISP's nameservers are dropping the request, because they don't want you to know what their machine with IP 192.168.1.50 is called.

Suggestions:

  • Double check your router's settings. It should answer requests for your own private network. Maybe you can add a static host entry in your router's web interface?
  • Try installing Avahi on all the systems on your network.
  • Tell your router to use Google Public DNS (8.8.8.8 and 8.8.4.4) or OpenDNS
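
A small diagnostic for the delay measured in the question's updates, as an added example that is not part of the original question or answer: it builds the PTR name that host prints, marks RFC 1918 addresses, and times the same getent hosts lookup. The script name revcheck.sh, the function names and the 12-second cap are assumptions made for this example.

```shell
#!/bin/sh
# Added example: time reverse lookups through the system resolver (NSS),
# the path exercised by "getent hosts" in the question.

# Build the PTR query name for an IPv4 address, e.g.
# 192.168.1.50 -> 50.1.168.192.in-addr.arpa
ptr_name() {
    old_ifs=$IFS; IFS=.
    set -- $1              # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# Return 0 if the address is in RFC 1918 private space. Only a resolver
# that knows the local network can answer PTR queries for these.
is_rfc1918() {
    case $1 in
        10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# Time one reverse lookup and print: ip, PTR name, scope, seconds, answer.
# The second argument is an assumed cap (seconds) so a dead resolver
# cannot hang the whole run.
check_reverse() {
    ip=$1; limit=${2:-12}
    name=$(ptr_name "$ip") || { echo "$ip: not an IPv4 address" >&2; return 2; }
    if is_rfc1918 "$ip"; then scope=private; else scope=public; fi
    start=$(date +%s)
    answer=$(timeout "$limit" getent hosts "$ip" | awk '{print $2}')
    elapsed=$(( $(date +%s) - start ))
    echo "$ip $name $scope ${elapsed}s ${answer:-NO-ANSWER}"
}

# Check every address given on the command line, for example the two
# addresses from the question:
#   sh revcheck.sh 64.34.119.12 192.168.1.50
for ip in "$@"; do check_reverse "$ip"; done
```

A private address that reports NO-ANSWER after several seconds reproduces the timeout shown in the question; after a static host entry or other fix, the same line should return a name in well under a second.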