[MaraDNS list] Deadwood timing out on lookup

Sam Trenholme strenholme.usenet at gmail.com
Sat Aug 6 02:35:05 EDT 2011


Your exact same configuration, on a nearly identical system (a 32-bit
CentOS 5 OpenVZ container with a 64-bit Scientific Linux 6 host using
a custom kernel based off of 042test013) works for me. e.g.:

[set@cartomancy ~]$ ls -l /proc/user_beancounters
-r-------- 1 root root 0 Aug  6 01:18 /proc/user_beancounters
[set@cartomancy ~]$ cat /etc/redhat-release
CentOS release 5.6 (Final)
[set@cartomancy ~]$ su
Password:
[root@cartomancy set]# cat > /etc/dwood3rc.steve
ipv4_bind_addresses = "127.0.0.1"
chroot_dir = "/etc/maradns"
recursive_acl = "127.0.0.1"
timeout_seconds = 10
maximum_cache_elements=1024
reject_mx=0
filter_rfc1918=0
upstream_servers = {}
upstream_servers["."] = "8.8.8.8, 4.2.2.2"
[root@cartomancy set]# cat /etc/resolv.conf
nameserver 127.0.0.1
[root@cartomancy set]# Deadwood -f /etc/dwood3rc.steve
Deadwood version 3.0.03
Deadwood: A DNS UDP non-recursive cache (IPv4-only)
We bound to 1 addresses

And then, in another window:

[set@cartomancy ~]$ ping www.yahoo.com
PING any-fp3-real.wa1.b.yahoo.com (209.191.122.70) 56(84) bytes of data.
64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=1 ttl=50 time=35.5 ms
64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=2 ttl=50 time=38.3 ms
64 bytes from ir1.fp.vip.mud.yahoo.com (209.191.122.70): icmp_seq=3 ttl=50 time=34.0 ms
^C
--- any-fp3-real.wa1.b.yahoo.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 34.041/35.986/38.370/1.800 ms
[set@cartomancy ~]$ dig @127.0.0.1 www.yahoo.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> @127.0.0.1 www.yahoo.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52289
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.yahoo.com.                 IN      A

;; ANSWER SECTION:
www.yahoo.com.          49      IN      CNAME   fp3.wg1.b.yahoo.com.
fp3.wg1.b.yahoo.com.    49      IN      CNAME   any-fp3-lfb.wa1.b.yahoo.com.
any-fp3-lfb.wa1.b.yahoo.com. 49 IN      CNAME   any-fp3-real.wa1.b.yahoo.com.
any-fp3-real.wa1.b.yahoo.com. 49 IN     A       67.195.160.76
any-fp3-real.wa1.b.yahoo.com. 49 IN     A       69.147.125.65
any-fp3-real.wa1.b.yahoo.com. 49 IN     A       209.191.122.70

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Aug  6 01:20:19 2011
;; MSG SIZE  rcvd: 160

Is your OpenVZ account a hosting account with a SolusVM (or other)
control panel, or do you control the server running OpenVZ?  In other
words, can you get at /etc/vz/conf/{container number}.conf on the
host?

What does "ifconfig" give you?

What messages do you get if you add the following to your dwood3rc:

verbose_level = 1000

Are you using Deadwood 3.0.03?

Here is what I get on my working system after adding the
verbose_level=1000 line:

[root@cartomancy set]# Deadwood -f /etc/dwood3rc.steve
Deadwood version 3.0.03
Deadwood: A DNS UDP non-recursive cache (IPv4-only)
Verbose_level set to 1000
We bound to 1 addresses
add_constant is set to 0x3a548f35
Got DNS query for \003www\005yahoo\003com\000\000\001
Looking in cache for query \003www\005yahoo\003com\000\000\001
Nothing found for \003www\005yahoo\003com\000\000\001
Making connection to IP 8.8.8.8
Caching a reply for query \003www\005yahoo\003com\000\000\001
Caching direct answer at \003www\005yahoo\003com\000\000\001
Looking in cache for query \003www\005yahoo\003com\000\000\001
Fetching \003www\005yahoo\003com\000\000\001 from cache

- Sam

2011/8/6 Steve Fatula <compconsultant at yahoo.com>:
> Didn't work for me.
>
> dwood3rc:
>
> ipv4_bind_addresses = "127.0.0.1"
> chroot_dir = "/etc/maradns"
> recursive_acl = "127.0.0.1"
> timeout_seconds = 10
> maximum_cache_elements=1024
> reject_mx=0
> filter_rfc1918=0
> upstream_servers = {}
> upstream_servers["."] = "8.8.8.8, 4.2.2.2"
>
> resolv.conf:
>
> nameserver 127.0.0.1
>
>
> I tried all sorts of things. It was taking around 40 seconds for milter-greylist to use deadwood to resolve the stuff it needed to (and never resolved dnswl). So, I replaced deadwood with dnsmasq, and it takes < 2 seconds now. Works perfectly, though it uses a little more memory. So, not sure why dnsmasq is 20 times faster, but it is on this system, which is OpenVZ CentOS 5.6.
>
> Steve
>
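
An added example, not part of the original message and not MaraDNS code: a Python script that decodes the escaped query names in verbose_level = 1000 output like Sam's and lists queries that missed the cache but never had a reply cached. It assumes the escaped string is the DNS wire-format name followed by a 2-byte query type (inferred from the log lines in the message) and that a lookup which times out leaves no "Caching a reply" line; the example.org entry is constructed.

```python
import re

# Constructed sample: log lines from the message above plus a constructed
# example.org query that gets no reply. Assumed format: octal-escaped DNS
# wire name followed by a 2-byte query type (inferred from those lines).
SAMPLE_LOG = r"""Got DNS query for \003www\005yahoo\003com\000\000\001
Nothing found for \003www\005yahoo\003com\000\000\001
Making connection to IP 8.8.8.8
Caching a reply for query \003www\005yahoo\003com\000\000\001
Got DNS query for \007example\003org\000\000\017
Nothing found for \007example\003org\000\000\017
Making connection to IP 8.8.8.8
"""

QTYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}

def unescape(text):
    """Turn backslash-octal escapes (\\003) back into raw bytes."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), text).encode("latin-1")

def decode_query(escaped):
    """Decode length-prefixed labels plus a 2-byte type into ('www.yahoo.com.', 'A')."""
    raw, pos, labels = unescape(escaped), 0, []
    while pos < len(raw) and raw[pos] != 0:
        length = raw[pos]
        if length > 63 or pos + 1 + length > len(raw):
            raise ValueError("malformed label in %r" % escaped)
        labels.append(raw[pos + 1:pos + 1 + length].decode("latin-1"))
        pos += 1 + length
    if len(raw) - pos != 3:
        raise ValueError("expected root label and 2-byte type in %r" % escaped)
    qtype = int.from_bytes(raw[pos + 1:pos + 3], "big")
    return ".".join(labels) + ".", QTYPES.get(qtype, "TYPE%d" % qtype)

def unanswered(log):
    """Return decoded queries that missed the cache but never had a reply cached."""
    pending = []
    for line in log.splitlines():
        miss = re.match(r"Nothing found for (\S+)$", line)
        hit = re.match(r"Caching a reply for query (\S+)$", line)
        if miss and miss.group(1) not in pending:
            pending.append(miss.group(1))
        elif hit and hit.group(1) in pending:
            pending.remove(hit.group(1))
    return [decode_query(q) for q in pending]

if __name__ == "__main__":
    for name, qtype in unanswered(SAMPLE_LOG):
        print("no reply cached for", name, qtype)
```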

