[HOWTO] - Speed up DNS lookups in OSX
- Thread starter Darkshadow
- Start date
kilowatt
mach-o mach-o man
I noticed today (because I rebooted, which I seldom do) that when NetworkTime was starting up, it took FOREVER. So I rebooted with apple-v (verbose mode) and NetworkTime gave some message about failing to resolve time.apple.com. After that happened, a few more things loaded, then the cacheing dns loaded. So looks like our dns server should start before any service that uses it, right?
Well, inside the StartupParamaters, it says it requires Disks, Resolver, Desktop DB, and Input Manager.
So why does the DNS server require the Resolver? Don't programs ask the Resolver to resolve hosts, and the resolver looks them up with the dns server? How can we make the dns server starrt up *before* anything requireing the resolver?
Also, I keep getting these entries in my console log (and on boot up in verbose mode):
Dec 20 01:22:18 mach4 lookupd[201]: DNSAgent: dns_fqdn_query_server - query failed for 127.0.0.1
Dec 20 01:22:28 mach4 lookupd[201]: DNSAgent: dns_send_query_server - timeout for 127.0.0.1
Dec 20 01:22:48 mach4 last message repeated 2 times
Dec 20 01:22:48 mach4 lookupd[201]: DNSAgent: dns_fqdn_query_server - query failed for 127.0.0.1
Dec 20 01:23:02 mach4 lookupd[201]: DNSAgent: dns_send_query_server - timeout for 127.0.0.1
This is all in my console.app file, but its really in /var/logs/netinfo.log
Any ideas?
Oh, and typing dig 127.0.0.1 in the terminal works fine...
Well, inside the StartupParamaters, it says it requires Disks, Resolver, Desktop DB, and Input Manager.
So why does the DNS server require the Resolver? Don't programs ask the Resolver to resolve hosts, and the resolver looks them up with the dns server? How can we make the dns server starrt up *before* anything requireing the resolver?
Also, I keep getting these entries in my console log (and on boot up in verbose mode):
Dec 20 01:22:18 mach4 lookupd[201]: DNSAgent: dns_fqdn_query_server - query failed for 127.0.0.1
Dec 20 01:22:28 mach4 lookupd[201]: DNSAgent: dns_send_query_server - timeout for 127.0.0.1
Dec 20 01:22:48 mach4 last message repeated 2 times
Dec 20 01:22:48 mach4 lookupd[201]: DNSAgent: dns_fqdn_query_server - query failed for 127.0.0.1
Dec 20 01:23:02 mach4 lookupd[201]: DNSAgent: dns_send_query_server - timeout for 127.0.0.1
This is all in my console.app file, but its really in /var/logs/netinfo.log
Any ideas?
Oh, and typing dig 127.0.0.1 in the terminal works fine...
genghiscohen
Membrum virile
Darkshadow,
I have downloaded a program called Lookup Manager, that sounds like it does some of the steps in your tutorial. Have you checked LM out at all?
At work right now (on a Dell POS running WinNT) so I can't double-check, but IIRC, it will let you add a FFAgent but doesn't include a NILAgent.
Anyhow, if I feel energetic this evening, I'll give your full set of instructions a try.
I have downloaded a program called Lookup Manager, that sounds like it does some of the steps in your tutorial. Have you checked LM out at all?
At work right now (on a Dell POS running WinNT) so I can't double-check, but IIRC, it will let you add a FFAgent but doesn't include a NILAgent.
Anyhow, if I feel energetic this evening, I'll give your full set of instructions a try.
beef
Dinner
now, the easiest way is obviously using NetInfo...
I dunno why you're stuck in single user mode. If you're stuck at "starting Directory Service" then you can wait about... dunno how long.... 10 mins? and it'll eventually give up.
if you insist on doing it from single user mode...well, I haven't done this before, so I'm not sure, but I think the command will be
niutil -destroy . /machines/whatever
you can first do
niutil -list . /machines
to see if the entries you made are there.
but I'm no expert in this, I suggest you check "niutil" command and it's options...and maybe wait for someone with more knowledge to respond.
now, I dunno what you did, but if you made entries for machines on your LAN, don't put "./local" under "serves". I've heard alot of people have just copied the "localhost" and changed the ip and the name for it. I think the correct entry would be "../network"
well, I'm just guessing. good luck anyway...
I dunno why you're stuck in single user mode. If you're stuck at "starting Directory Service" then you can wait about... dunno how long.... 10 mins? and it'll eventually give up.
if you insist on doing it from single user mode...well, I haven't done this before, so I'm not sure, but I think the command will be
niutil -destroy . /machines/whatever
you can first do
niutil -list . /machines
to see if the entries you made are there.
but I'm no expert in this, I suggest you check "niutil" command and it's options...and maybe wait for someone with more knowledge to respond.
now, I dunno what you did, but if you made entries for machines on your LAN, don't put "./local" under "serves". I've heard alot of people have just copied the "localhost" and changed the ip and the name for it. I think the correct entry would be "../network"
well, I'm just guessing. good luck anyway...
attackwolf
Registered
I was wondering where you found out about NetInfo and using it to cache DNS enteries. I'd really like to learn more about NetInfo and how it compares to traditional linux and unix tools.
Thanks,
Chris
Thanks,
Chris
I tried what you have above, all worked great to the 'Dig' command. I got the requisite information from MY DIG command, but when I try
sudo dig @a.root-servers.net ns >root.hints
It gives me a 'root.hints: Permission denied.
error.
Since I am a newbie, what am I doing wrong>? I went on a created the 127 file and stopped after that so I don't loose my place.
any help would be appreciated.
if you wish to email me directly, my email is
mprewitt@prewitt.com
thanks
Mark
sudo dig @a.root-servers.net ns >root.hints
It gives me a 'root.hints: Permission denied.
error.
Since I am a newbie, what am I doing wrong>? I went on a created the 127 file and stopped after that so I don't loose my place.
any help would be appreciated.
if you wish to email me directly, my email is
mprewitt@prewitt.com
thanks
Mark
cidion
Supervised Member of life
Thanks for the time and effort put into making this tutorial.
just as another FYI... after you change the settings (DNS server to 127.0.0.1) in the control panel, and you hit "apply now" well it disconnects your current internet connection.
It took me about 72 minues to realize that was the reason why [nslookup] didn't work.
It's working fine now, but in the future (or if I try this for someone else) and I want to "undo" what I just did, what should I do?
thanks!
cidion
just as another FYI... after you change the settings (DNS server to 127.0.0.1) in the control panel, and you hit "apply now" well it disconnects your current internet connection.
It took me about 72 minues to realize that was the reason why [nslookup] didn't work.
It's working fine now, but in the future (or if I try this for someone else) and I want to "undo" what I just did, what should I do?
thanks!
cidion
egilDOTnet
master of disaster
This is almost correct - its just that every DNS server in the listing above needs to be separated with semicolon, even if you just use one forwarder. I fought with this for quite some time before I saw the error.
Thanks for an otherwise very good walkthrough.
when i try to start named using the command "ndc start" i get the following error:
>>
opensocket_f: bind([0.0.0.0].53): Address already in use
ndc: error: could not start new name server (/usr/sbin/named)
>>
i tried use "ndc stop":
>>
ndc: error: ctl_client: evConnect(fd 3): Connection refused
ndc: error: cannot connect to command channel (/var/run/ndc)
>>
when i try to "ndc restart":
>>
ndc: error: name server was not running (warning only)
opensocket_f: bind([0.0.0.0].53): Address already in use
ndc: error: could not start new name server (/usr/sbin/named)
>>
any ideas what could be wrong? i've followed the instructions step by step...
thx in advance!
>>
opensocket_f: bind([0.0.0.0].53): Address already in use
ndc: error: could not start new name server (/usr/sbin/named)
>>
i tried use "ndc stop":
>>
ndc: error: ctl_client: evConnect(fd 3): Connection refused
ndc: error: cannot connect to command channel (/var/run/ndc)
>>
when i try to "ndc restart":
>>
ndc: error: name server was not running (warning only)
opensocket_f: bind([0.0.0.0].53): Address already in use
ndc: error: could not start new name server (/usr/sbin/named)
>>
any ideas what could be wrong? i've followed the instructions step by step...
thx in advance!
egilDOTnet
master of disaster
I am certainly no expert on this, but it looks to me like if some other service is using port 53, so that bind cannot take claim of it...
physicsGuy
Registered
neo36: I'm going by memory, but I think there was a line involving port 53 in a config file mentioned in the original instructions, that you were supposed to uncomment if you are behind a firewall. Are you behind a firewall?