[Pdns-users] huge delay when starting ldap-backend
norbert at linuxnetworks.de
Fri Apr 9 14:34:32 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Friday 09 April 2004 13:06, Piotr Wadas wrote:
> I'm using pdns 2.9.16, debian system, ldap backend (3 threads). I
> pdns.conf I specified ldap backend ip/port as 127.0.0.1:389.
Which Debian do you use? Stable, testing or unstable?
> Problem I have is, that when I start pdns, and it's creating
> its ldap-backend connection (threads) it takes about 20 secs. (!)
I've only seen such delays if localhost:389 was used as value for
ldap-host up to now.
The problem seems to be that all local addresses must be resolvable
before the pdns and openldap servers can be started. Therefore it
isn't possible for example to put the ip of localhost into the ldap
directory. Otherwise these delays will occur.
Please make sure to list all the addresses of your computer in /etc/
hosts, i.e. localhost and the IPs bound to your NICs. Furthermore the
file /etc/host.conf must contain the lines "order hosts,bind" and
"multi on". Can you please send me the content of your /etc/
resolv.conf and your /etc/nsswitch.conf?
> When booting machine, pdns starts before e.g. sendmail, but
> when server comes to step which is sendmail starting, pdns still
> doesn't serve requests, and sendmail has problem with resolving
> it's own hostname.
> Why this happens? What should I do to avoid this?
pdns is unable to answer the questions of sendmail because the
connection to the ldap server isn't established due to the fact that
it waits for a name lookup.
> Another problem is that when pdns is started and functioning, and
> I try restart slapd (openldap 2.1.29), it stops and doesn't start.
> When I stop pdns, then start openldap (it starts without problems
> now), thent start pdns again (and wait damned 20secs.), pdns works
> without problems.
Openldap seems to ask pdns for an IP address or a name, but it can't
answer it by querying the ldap directory. It is likely that it asks
the recursor. Can you check if this is true?
> I should rather expect that pdns fails, and needs to be
> restarted (20secs.) after cutting ldap connection, but why openldap
> cannot start? In other words, why do I have stop pdns before I
> start ldap again? I'd rather simply restart slapd, then restart
> pdns and be done.
You don't have to restart pdns after restarting openldap. The ldap
backend will automatically try to reopen the connection if it was
If you don't stop pdns before stopping openldap (in your current
setup, normally you don't have to do that), pdns will be asked for
something it can't answer and a timeout will occur after 20 sec.
> I read many docs about pdns and ldap, but found nothing in this
> subject, even no problem report.. I also tried to turn off some
> pdns options (guardian, and others) but it didn't help.
I've been told about a similar situation two times before (and I was
able to reproduce it on my computer), if "localhost:389" instead of
"127.0.0.1:389" was used. I think this may either be a configuration
problem and nsswitch related, but haven't found out what the real
problem is. The delay on startup of pdns is only a symptom.
I would be interested if this also happens with other backends
querying external databases on the same host (mysql, postgresql,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the Pdns-users