wiki

Now, if I add the new rotate option to my resolv.conf file, I observe different behaviour. Both nameservers are queried, regardless.

# cat /etc/resolv.conf

nameserver 10.1.50.201
nameserver 10.1.50.202
domain cg.com
options rotate
options         attempts:1
options         timeout:1

Other debug options:

options debug

DNS query timeouts are mediated by the environment variables:

RES_TIMEOUT RES_RETRY

The defaults are 5 and 4 respectively. Each retry doubles the timeout from before.

5 + 10 + 20 + 50 = 75 seconds.

Multiply this by the number of nameservers you have listed in /etc/resolv.conf and that's your DNS timeout PER QUERY when DNS is unreachable.

The minimum values are 1 and 1, which means:

1 + 2 = 3 seconds per nameserver.

If your network is routinely laggy, overloaded or has packet drops, then setting this to minimums could lead to unexpected and intermittant DNS failures.

However, something like this could let you use multiple nameservers and not have to worry about SSH hanging for 5 minutes in your DR site.

The best place to make these changes are /etc/environment. Log out and back in, then restart any processes you want to have faster timeouts.

For anything started and owned by init, you may need need to reboot.

To debug this you could use the RES_OPTIONS environment variable and examine the output to see what nameservers are being called and when and in what order. For example:

# RES_OPTIONS=debug host mygoodhostname  | grep Query
  ;; Querying server (# 1) address = 10.1.50.202
  ;; Querying server (# 2) address = 10.1.50.201

If the local network is a domain network using a name server for name resolution and an /etc/hosts file for backup, specify both services. The /etc/netsvc.conf file would contain the following line:

hosts=bind4,local

The NSORDER environment variable would be set as:

NSORDER=bind4,local