how do you come to the conclusion that it matters how busy "this server is"? jesus christ you are asking *remote servers* for their answers and the request as well the answer passes different routers, ISP's and likely a *chain of forwarders* until you don't recursion at your own and even if you do you have no control how overloaded one of the networks between you and the auth dns server or this server itself is
*any* of the involved forwarders, networks and auth nameservers are responsible for the time to resolve your query
frankly "I see around 5-6 times per day the following warning" as reason for writing a mail and continue insist the problem is on your side shows missing network understanding
Am 04.02.2015 um 17:48 schrieb ML mail:
Thanks for your comments. I understand as DNS uses UDP that there could be some DNS queries which might get lost if the CPU or network is too busy but the thing is that this server is not so busy really. It has 2 cores with 4 GB of RAM and the CPU averages to 2% usage. The network averages to 1 Mbit/s traffic and there are around 600-700 processes running for 1100 mailboxes. Note here that this server is simply a proxy server, mailboxes are located on a separated server on the same LAN, the same applies to the database which has its own server too. These are all virtual machines by the way.
I am not running a local DNS cache on the server. As suggested using a local DNS cache would simply fix this issue but I am more interested to know what is generating these slow DNS queries...
On Wednesday, February 4, 2015 2:59 PM, LuKreme kremels@kreme.com wrote: On 04 Feb 2015, at 03:38 , ML mail mlnospam@yahoo.com wrote:
I am running a dovecot and proxy server on two different virtual machines and on the dovecot proxy server I see around 5-6 times per day the following warning:
Feb 03 16:15:12 auth: Warning: proxy(email@domain.com,xxx.xxx.xxx.xxx,<ABC123456789>): DNS lookup for mailboxserver.domain.com took 1.550 s
If you are seeing a warning that dans lookup took 1.5 seconds 5-6 times a day, why are you concerned?
I do not really understand how from time to time DNS queries are slow,
Because from time to time, queries are slow. A hiccough in the line, the server is slightly busy doing something else. There’s a lot of bandwidth during those 1.5 seconds being used. It could be anything. If you were seeing hundreds of these warning, or if the times were over 5 seconds, then I’d worry.
I tried replicate this issue using dig to resolve the same DNS entry and it was always very fast. Is there any way I can debug better this issue? or is this nothing to worry about really?
I would not worry about it based on these numbers