[Pdns-users] huge delay when starting ldap-backend

Norbert Sendetzky norbert at linuxnetworks.de
Fri Apr 9 14:34:32 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 09 April 2004 13:06, Piotr Wadas wrote:
> I'm using pdns 2.9.16, debian system, ldap backend (3 threads). I
> pdns.conf I specified ldap backend ip/port as 127.0.0.1:389.

Which Debian do you use? Stable, testing or unstable?

> Problem I have is, that when I start pdns, and it's creating
> its ldap-backend connection (threads) it takes about 20 secs. (!)

I've only seen such delays if localhost:389 was used as value for 
ldap-host up to now.

The problem seems to be that all local addresses must be resolvable 
before the pdns and openldap servers can be started. Therefore it 
isn't possible for example to put the ip of localhost into the ldap 
directory. Otherwise these delays will occur.

Please make sure to list all the addresses of your computer in /etc/
hosts, i.e. localhost and the IPs bound to your NICs. Furthermore the 
file /etc/host.conf must contain the lines "order hosts,bind" and 
"multi on". Can you please send me the content of your /etc/
resolv.conf and your /etc/nsswitch.conf?

> When booting machine, pdns starts before e.g. sendmail, but
> when server comes to step which is sendmail starting, pdns still
> doesn't serve requests, and sendmail has problem with resolving
> it's own hostname.
> Why this happens? What should I do to avoid this?

pdns is unable to answer the questions of sendmail because the 
connection to the ldap server isn't established due to the fact that 
it waits for a name lookup.

> Another problem is that when pdns is started and functioning, and
> I try restart slapd (openldap 2.1.29), it stops and doesn't start.
> When I stop pdns, then start openldap (it starts without problems
> now), thent start pdns again (and wait damned 20secs.), pdns works
> without problems.

Openldap seems to ask pdns for an IP address or a name, but it can't 
answer it by querying the ldap directory. It is likely that it asks 
the recursor. Can you check if this is true?

> I should rather expect that pdns fails, and needs to be
> restarted (20secs.) after cutting ldap connection, but why openldap
> cannot start? In other words, why do I have stop pdns before I
> start ldap again? I'd rather simply restart slapd, then restart
> pdns and be done.

You don't have to restart pdns after restarting openldap. The ldap 
backend will automatically try to reopen the connection if it was 
closed.

If you don't stop pdns before stopping openldap (in your current 
setup, normally you don't have to do that), pdns will be asked for 
something it can't answer and a timeout will occur after 20 sec.

> I read many docs about pdns and ldap, but found nothing in this
> subject, even no problem report.. I also tried to turn off some
> pdns options (guardian, and others) but it didn't help.

I've been told about a similar situation two times before (and I was 
able to reproduce it on my computer), if "localhost:389" instead of 
"127.0.0.1:389" was used. I think this may either be a configuration 
problem and nsswitch related, but haven't found out what the real 
problem is. The delay on startup of pdns is only a symptom.

I would be interested if this also happens with other backends 
querying external databases on the same host (mysql, postgresql, 
etc.)


Norbert

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAkB2tIEACgkQxMLs5v5/7eD1XACcCi8LABOH8y17ypMbMple70GZ
doMAn2so+spdSPR5PCwTQKpPFbEj5wri
=uRDl
-----END PGP SIGNATURE-----


More information about the Pdns-users mailing list