Broadcom 4312 and DNS lookup

Similar Messages

• Slow DNS Lookups after connecting via PPP VPN

  I have this very annoying problem and just can't seem to find a method to resolve it.
  When I connect to my work network via a PPP VPN connection, all internet connectivity thereafter takes forever to do a DNS lookup. So when I browse the internet it takes ages before the page is displayed back.
  If I also do a ping in finder for a random URL, www.google.com for example, it sits there for nearly a minute before I get a response. If I then immediately perform the ping again, I get a response straight away. So it seems once it's resolved the domain name, it gets stored in a cache somewhere. If I try another domain name, I get the same delay and then it eventually gets through.
  As soon as I close the VPN connection, service is resumed and DNS lookups work fast.
  I've also made sure I've unchecked the option to "Send all traffic over VPN connection".
  I've also set my 'Service Order' to have my wireless Airport connection in the No #1 position.
  The other thing I've tried is deleting the default route (via Terminal) and adding one manually that points to my wireless router, again without success.
  Does anyone have any other ideas I could try? I've also recently re-installed a fresh copy of Leopard in case something was stuffed up, but the problem is still there after installation.
  Hoping someone has an easy solution!
  Many thanks

  I seem to have found a work-around. There is probably a neater way of doing this but here goes.
  Here is my setup:
  Airport Wireless to my home router
  PPP VPN connection to my office windows network
  3G connection via mobile phone
  My aim was to be able to connect to my office network via wireless at home or via my cellular data connection, but continue to route all non-work traffic via the main connection (wireless/3G).
  The #1 problem I had once I connected to my office VPN on either wireless or 3G, was that DNS lookups to general internet sites took forever. So to get around this, I created TWO VPN connections to my office network in Network Preferences and in both connections I made sure the option to send all traffic over VPN was left UNCHECKED.
  The first connection I then designated for use when connecting wirelessly at home. Here I manually added the IP address of my home router as a DNS entry.
  The second connection I did the same by adding a new DNS entry, except here I used the DNS server of my cellular data connection, in this case T-Mobile UK.
  When connecting to my office network I just use either of the above connections depending on whether I am connecting wirelessly at home or via my mobile phone.
  It seems a bit long winded I grant you, but after literally months of trying to resolve this annoying problem, this appears to be the only fix that works.
  The downfall of this would be that DNS resolution to any servers on your office network might not work, but that isn't a problem for me since I manually add any servers I use at work to my local hosts file. This negates any need for DNS lookups and actually speeds up access to my work servers.
  In amongst this I did several reboots, so you give your machine a reboot once you've completed the above steps, just in case.
  The 3G connection won't work for you if your provider changes the DNS server every time you connect, but this is unlikely.
  If anyone's got any comments, I'd love to hear them.
  Cheers
  Phil

• How to attach agent with unusual AD and DNS setup?

  I am trying to configure DPM for a client, which is a university department. They have a somewhat unusual setup of their AD and DNS and I think that is why I am having trouble attaching an agent I have installed.
  It is a new installation of DPM 2012 R2 version 4.2.1292.0 with a local SQL Server 2012 SP2. The OS is Windows Server 2012 R2. It is going to protect a bunch of SQL Server databases all on the same Windows Server 2012 R2 server. The SQL Server is a physical
  server and the DPM server is a hyper-v VM, running on a Windows Server 2012 R2 host.
  The install of DPM itself went smoothly.
  To install the agent on the SQL Server machine, I followed the instructions here:
  https://technet.microsoft.com/en-us/library/hh758186.aspx#BKMK_Manual. This was successful (I think)
  Then I proceeded with these instructions to attach the agent:
  https://technet.microsoft.com/en-us/library/hh757916.aspx
  This fails at the enter credentials stage with this message:
  DPM could not connect to the service control manager on these servers: [SqlMachinename].win.[universityname].dk (ID: 33221)
  As far as I can tell, the problem has to do with how the university manages windows AD domains and DNS lookup.
  The university uses one common AD domain named win.[universityname].dk for the entire campus, but it looks like DNS names for individual windows machines is managed locally at individual departments.
  Ipconfig says this (abbreviated) for the SQL Server where I installed the agent:
  Host Name . . . . . . . . . . . . : [SqlMachinename]
  Primary Dns Suffix  . . . . . . . : win.[universityname].dk
  DNS Suffix Search List. . . . . . : win.[universityname].dk
  [departmentname].[universityname].dk
  Ethernet adapter T2:
     Connection-specific DNS Suffix  . : [departmentname].[universityname].dk
     DHCP Enabled. . . . . . . . . . . : Yes
  This works from the DPM machine and shows the correct IP:
  ping [SqlMachinename]
  This works from the DPM machine and shows the correct IP:
  ping [SqlMachinename].[departmentname].[universityname].dk
  This fails from the DPM machine ("could not find host") and does not get an IP:
  ping [SqlMachinename].win.[universityname].dk
  I've used Message Analyzer to verify that when pinging just [SqlMachinename], in fact DNS tries first to append win.[universityname].dk, which fails and second [departmentname].[universityname].dk, which then succeeds. This is by the book, as I understand
  it because of the DNS Suffix Search list or because of the connections-specific DNS Suffix.
  The problem is that DPM only tries [SqlMachinename].win.[universityname].dk. I have verified this with Message Analyzer.
  I am not sure how to proceed. Is there another way to attach the agent? Maybe by IP-address?
  I cannot ask the client to put [SqlMachinename].win.[universityname].dk in their DNS database. I am sure that they do not register any individual machines in that DNS domain which cuts across the entire campus. I am equally sure that they will not consider
  creating individual AD domains for each department just because I ask (although that would probably be best in the long run).
  Any suggestions would be very much appreciated.

  Found a workaround:
  I can install and attach the agent using one of the methods designed for agents in workgroups or untrusted domains. For me NTLM worked fine as long as I used simple nertbios computer names without any domain suffixes.
  This is what worked:
  On protected server:
  SetDpmServer.exe -dpmServerName DPMServername -isNonDomainServer -userName DpmNtlmAccount
  On DPM Server:
  Attach-NonDomainServer.ps1 -DPMServername DpmServername -PSName servername -Username DpmNtlmAccount -Password xxxxx
  I still think it is weird that DPM insist that protected servers in thewe same AD domain must use the AD domain name in their DNS name. Very inflexible.

• WLC 5508 and WPA/WPA2 causes client DNS lookups to fail

  Hi all, we just recently received a brand new 5508 with 6.0.199.4 firmware.  We currently have three LAP-1250s that associate just fine to the WLC.
  For testing purposes only, we enabled WPA2 with both types of encryption TKIP and AES with an ASCII PSK.   The clients are able to connect, authenticate and get an IP address from our local (same subnet) DHCP server.  They also get the DNS info from our DHCP server.   However, the problem is that they are not able to do any DNS lookups.   I haven't run wireshark yet to confirm, but it sounds very familiar to this problem: https://supportforums.cisco.com/message/3202369
  I've even had clients use nslookup with both of my DNS servers and they are not able to resolve.  I'm not sure if the request or the reply is being blocked/dropped, but I can find out tomorrow.
  Now the strange part - if I turn off WLAN security altogether, it works!   That's right, I just disable L2 security for the WLAN and re-connect the clients and they are able to do full DNS lookups.
  AND - if I leave L2 security configured (WPA2 with PSK), and enable L3 Passthrough security - the clients get to the auth web page, click the "accept" button and are then able to do full DNS lookups too.
  What could be the problem here?   There's nothing I see configured for the L2 or L3 security settings that could be the culprit.  We're using default (from Cisco) configuration, so there's no ACLs configured or anything like that to block DNS.
  Another strange thing here which may or not be related - during initial configuration the setup asked for a virtual IP - so I gave it one - 1.1.2.2.   Now when I do an ipconfig /all on the client, I see this 1.1.2.2 address listed as the DHCP server.  Why is this?   It's definitely getting an IP address and DNS info from the correct DHCP server, so not sure why this is showing up.
  Thanks, Matt

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin-top:0in;
  mso-para-margin-right:0in;
  mso-para-margin-bottom:10.0pt;
  mso-para-margin-left:0in;
  line-height:115%;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  Hi Matt,
  Just wanted to jump in, and also mention it may be worth attempting to disable the fastpath feature on the 5508, and test your failing client again.  You may be hitting CSCti34667.
  debug fastpath cfgtool --fc.disable
  This command can be run via Telnet/SSH.  Please keep in mind that fastpath will automatically re-enable periodically, so we recommend disabling every 10 minutes as a workaround for any known fastpath issues.  You can do so by running the following Macro in TeraTerm:
  :mainloop
     sendln "debug fastpath cfgtool --fc.disable"
     pause 600
  goto mainloop
  If you find that disabling fastpath resolves your concern, you can reach out to TAC for an Escalation Image with the fix for this one.
  Best,
  Drew

• Different DNS lookup stratergi for recognized and not recognized root domain

  Firefox DNS lookup stratergy is different if the root domain in the URL is recognized (like .se) or not recognized (like .local). How can I add my selfintroduced root domain in the list of recognized root domains?

  Firefox DNS lookup stratergy is different if the root domain in the URL is recognized (like .se) or not recognized (like .local). How can I add my selfintroduced root domain in the list of recognized root domains?

• 9i app 9.0.2.01?Does the reverse DNS lookup have to be set up for a FQDN

  HEy guys:
  I'M ALWAYS GETTING STUCK IN THE SAME PLACE WHEN I AM TRYING TO INSTALL 9I APPSERVER 9.0.2.0.1 REL 2. ITS ALWATYS HAPPENING AT THE oRACLE db CONFIG assistant i have set up my host file and when i ping -a servername i get the full reply back ex. servername.domain.com but now when i ping -a 111.111.111.111 i do not get the host name back this is b/c i do not have the PTR record set up. Do i have to have a reverse dnslookup working for what oracle is stating is "FQDN" and not just the dns lookup working...how is oracle installer looking at this piece.
  that is the only i see that i don't have when i look at my computer name (by the way this is a winnt environment)in properties it has the FQDN. i also have set up the host file correctly resembling 111.111.111.111 servername.domainname.com servername oracleinstall. What else am i missing here guys? thanks for the help in advance
  regards,
  robert

  Actually, these issues were/are documented - see the addendum. Also, the install guide details which files need to be updated with the FQDN/IP.
  Though it does not have to be setup in your DNS server (say if you are just doing it on a single tier to test), those machines which are looking to connect to it would need to have the proper additions to the hosts file as well.
  As for why the 'non-default' http ports, this was a result of Unix security. Non-root users cannot start processes using ports below a specific range. As a result, oracle defaults them to a higher number allowing your oracle account whom lacks root access to start the http service.
  As for non-oracle responses, this isn't really an official forumn. I believe those oracle peeps who do respond here are doing so on their own. If you need official/immediate responses, then i would recommend using metalink for an itar or the metalink forums.
  Now on to Robert's second question. See metalink Note:209114.1: How to Change the Port used for Oracle 9iAS Portal 9.0.x. If you don't have access to metalink, let me know and I can forward the note or post it here.
  Have fun!

• [SOLVED] Slow DNS lookup, I think

  Hi
  I have a really annoying problem. My DNS lookup in Arch is painfully slow. I know it's not a network problem, as I don't have any problems in my Ubuntu installation. I have tried to run two simple tests to show you what I mean. The first is a simple ping google.
  ########### Ubuntu ###########
  carsten@carsten-laptop:~$ time ping -c 3 www.google.com
  PING www.l.google.com (216.239.61.104) 56(84) bytes of data.
  64 bytes from sn-in-f104.google.com (216.239.61.104): icmp_seq=1 ttl=245 time=17.4 ms
  64 bytes from sn-in-f104.google.com (216.239.61.104): icmp_seq=2 ttl=245 time=20.6 ms
  64 bytes from sn-in-f104.google.com (216.239.61.104): icmp_seq=3 ttl=245 time=11.4 ms
  --- www.l.google.com ping statistics ---
  3 packets transmitted, 3 received, 0% packet loss, time 2002ms
  rtt min/avg/max/mdev = 11.465/16.529/20.641/3.809 ms
  real 0m2.290s
  user 0m0.000s
  sys 0m0.004s
  ########### Arch ###########
  carsten ~/Desktop $ time ping -c 3 www.google.com
  PING www.l.google.com (216.239.61.104) 56(84) bytes of data.
  64 bytes from sn-in-f104.google.com (216.239.61.104): icmp_seq=1 ttl=245 time=12.3 ms
  64 bytes from sn-in-f104.google.com (216.239.61.104): icmp_seq=2 ttl=245 time=10.7 ms
  64 bytes from sn-in-f104.google.com (216.239.61.104): icmp_seq=3 ttl=245 time=12.4 ms
  --- www.l.google.com ping statistics ---
  3 packets transmitted, 3 received, 0% packet loss, time 2007ms
  rtt min/avg/max/mdev = 10.776/11.867/12.476/0.778 ms
  real 0m15.305s
  user 0m0.013s
  sys 0m0.007s
  Ubuntu: 0m2.290s vs. Arch: 0m15.305s.
  In the second test I tried to fake a pacman update by downloading the .db files from my primary server. On both Ubuntu and Arch I used this simple script
  repos=( core extra community )
  time for repo in ${repos[@]}
  do
  wget http://archlinux.unixheads.org/$repo/os/i686/$repo.db.tar.gz
  done
  When I run it in, I get this result
  ########### Ubuntu ###########
  carsten@carsten-laptop:~/Desktop$ ./updatetest
  --2008-11-10 07:58:23-- http://archlinux.unixheads.org/core/os/i686/core.db.tar.gz
  Resolving archlinux.unixheads.org... 204.152.186.174
  Connecting to archlinux.unixheads.org|204.152.186.174|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 32515 (32K) [application/x-gzip]
  Saving to: `core.db.tar.gz'
  100%[=============================================================>] 32.515 --.-K/s in 0,1s
  2008-11-10 07:58:23 (331 KB/s) - `core.db.tar.gz' saved [32515/32515]
  --2008-11-10 07:58:23-- http://archlinux.unixheads.org/extra/os/i686/extra.db.tar.gz
  Resolving archlinux.unixheads.org... 204.152.186.174
  Connecting to archlinux.unixheads.org|204.152.186.174|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 422622 (413K) [application/x-gzip]
  Saving to: `extra.db.tar.gz'
  100%[=============================================================>] 422.622 242K/s in 1,7s
  2008-11-10 07:58:25 (242 KB/s) - `extra.db.tar.gz' saved [422622/422622]
  --2008-11-10 07:58:25-- http://archlinux.unixheads.org/community/os/i686/community.db.tar.gz
  Resolving archlinux.unixheads.org... 204.152.186.174
  Connecting to archlinux.unixheads.org|204.152.186.174|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 369845 (361K) [application/x-gzip]
  Saving to: `community.db.tar.gz'
  100%[=============================================================>] 369.845 206K/s in 1,8s
  2008-11-10 07:58:27 (206 KB/s) - `community.db.tar.gz' saved [369845/369845]
  real 0m3.837s
  user 0m0.016s
  sys 0m0.036s
  ########### Arch ###########
  carsten ~/Desktop $ ./updatetest
  --2008-11-10 08:01:33-- http://archlinux.unixheads.org/core/os/i686/core.db.tar.gz
  Resolving archlinux.unixheads.org... 204.152.186.174
  Connecting to archlinux.unixheads.org|204.152.186.174|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 32515 (32K) [application/x-gzip]
  Saving to: `core.db.tar.gz'
  100%[==============================================================================>] 32,515 --.-K/s in 0.1s
  2008-11-10 08:01:47 (303 KB/s) - `core.db.tar.gz' saved [32515/32515]
  --2008-11-10 08:01:47-- http://archlinux.unixheads.org/extra/os/i686/extra.db.tar.gz
  Resolving archlinux.unixheads.org... 204.152.186.174
  Connecting to archlinux.unixheads.org|204.152.186.174|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 422622 (413K) [application/x-gzip]
  Saving to: `extra.db.tar.gz'
  100%[==============================================================================>] 422,622 253K/s in 1.6s
  2008-11-10 08:02:02 (253 KB/s) - `extra.db.tar.gz' saved [422622/422622]
  --2008-11-10 08:02:02-- http://archlinux.unixheads.org/community/os/i686/community.db.tar.gz
  Resolving archlinux.unixheads.org... 204.152.186.174
  Connecting to archlinux.unixheads.org|204.152.186.174|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 369845 (361K) [application/x-gzip]
  Saving to: `community.db.tar.gz'
  100%[==============================================================================>] 369,845 262K/s in 1.4s
  2008-11-10 08:02:17 (262 KB/s) - `community.db.tar.gz' saved [369845/369845]
  real 0m44.153s
  user 0m0.047s
  sys 0m0.017s
  Ubuntu: 0m3.837s vs. Arch: 0m44.153s
  I get the same update time whenever I update pacman normally.
  I have googled a lot to figure out an answer, but nothing helps, so I was hoping somebody could help me figure this out, as it's very annoying. My hosts file looks like this
  hosts:
  # /etc/hosts: static lookup table for host names
  #<ip-address> <hostname.domain.org> <hostname>
  127.0.0.1 localhost.localdomain localhost arch
  # End of file
  rc.conf:
  # /etc/rc.conf - Main Configuration for Arch Linux
  # LOCALIZATION
  # LOCALE: available languages can be listed with the 'locale -a' command
  # HARDWARECLOCK: set to "UTC" or "localtime"
  # USEDIRECTISA: use direct I/O requests instead of /dev/rtc for hwclock
  # TIMEZONE: timezones are found in /usr/share/zoneinfo
  # KEYMAP: keymaps are found in /usr/share/kbd/keymaps
  # CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
  # CONSOLEMAP: found in /usr/share/kbd/consoletrans
  # USECOLOR: use ANSI color sequences in startup messages
  LOCALE="en_US.utf8"
  HARDWARECLOCK="UTC"
  USEDIRECTISA="no"
  TIMEZONE="Asia/Singapore"
  KEYMAP="dk"
  CONSOLEFONT=
  CONSOLEMAP=
  USECOLOR="yes"
  # HARDWARE
  # MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
  # MOD_BLACKLIST: Prevent udev from loading these modules
  # MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
  # NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
  MOD_AUTOLOAD="yes"
  #MOD_BLACKLIST=() #deprecated
  MODULES=(e100 mii iwl3945 fuse acpi-cpufreq cpufreq_ondemand cpufreq_conservative cpufreq_powersave loop !pcspkr !snd_pcsp)
  # Scan for LVM volume groups at startup, required if you use LVM
  USELVM="no"
  # NETWORKING
  # HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
  HOSTNAME="arch"
  # Use 'ifconfig -a' or 'ls /sys/class/net/' to see all available interfaces.
  # Interfaces to start at boot-up (in this order)
  # Declare each interface then list in INTERFACES
  # - prefix an entry in INTERFACES with a ! to disable it
  # - no hyphens in your interface names - Bash doesn't like it
  # DHCP: Set your interface to "dhcp" (eth0="dhcp")
  # Wireless: See network profiles below
  #eth0="eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255"
  eth0="dhcp"
  INTERFACES=(!eth0 !wlan0)
  # Routes to start at boot-up (in this order)
  # Declare each route then list in ROUTES
  # - prefix an entry in ROUTES with a ! to disable it
  gateway="default gw 192.168.0.1"
  ROUTES=(!gateway)
  # Enable these network profiles at boot-up. These are only useful
  # if you happen to need multiple network configurations (ie, laptop users)
  # - set to 'menu' to present a menu during boot-up (dialog package required)
  # - prefix an entry with a ! to disable it
  # Network profiles are found in /etc/network.d
  # This now requires the netcfg package
  #NETWORKS=(main)
  # DAEMONS
  # Daemons to start at boot-up (in this order)
  # - prefix a daemon with a ! to disable it
  # - prefix a daemon with a @ to start it up in the background
  DAEMONS=(syslog-ng !network hal !netfs crond fam wicd cups laptop-mode oss gdm)
  SPLASH="splashy"
  Thanks in advance!
  Last edited by Sharpeee (2008-11-15 10:39:42)

  Just tried to remove the "search..." line from my /etc/resolv.conf file, but nothing! It's okay if I remove the line after it connects right? Wicd overwrites the file anyways if I reconnect.
  I don't really think changing to a different network-manager will help me. It works perfectly fine in Ubuntu with both network-manager and wicd, do don't think that's the problem. It must be a configuration file somewhere.
  #### EDIT ####
  I just tried to disable wicd and enable the wired network in /etc/rc.conf. After a reboot and it's still the same, even on the wired, so it's got be some other settings somewhere that's messing things up!
  Also, for some reason my theme, in Gnome, isn't loaded after I disabled wicd? I have to manually run "gnome-appearance-manager"??
  Last edited by Sharpeee (2008-11-11 05:01:46)

• Wireless Intermittent Super Slow DNS lookup bug in 10.6.4

  I don't normally post things on forums these days, as usually I can find just about any solution by searching long enough, but this issue has perplexed me to the point I actually had to come on here.
  Believe me, that's a big deal, I don't give up easily.
  I have spent -countless- hours searching, on here, on google, on any "solutions" or "technical" sites I could find, and the closest I can find to a solution are countless people complaining about the EXACT SAME PROBLEM that I have observed and, repeatedly, reproduced again and again, which in every single case boil down to this:
  You had 10.6.x (x being 3 or less) with a wireless connection on your home network and all is well.
  You upgraded to 10.6.4 and all seemed fine for maybe 24 hours or so... then it happens. You go to load a website, and it's "looking for site" or "waiting for site" in your status bar... hmm, maybe it's just this site you say, so you try another, or a few others in other tabs, but they all have the same problem.
  You try to ping the sites, but the network utility can't resolve the domain to even ping them.
  Your roommate, all the while, is surfing and gaming just fine on the exact same router you are on, so no, it's not the network hardware, it's not your ISP, hmm, what could it be?
  All of a sudden, ALL of the sites you had in like 20 tabs load up at screaming speeds, "WOW" you say, "guess there must have just been some gunk in the wires or something" (notice the irony of the situation: no wires)... anyway, all seems fine again suddenly, surfing is fine for a few minutes, you're back to normal... and it happens again, suddenly NO site will resolve, NO dns will resolve, you can't check email or ping any domain... and so the cycle begins. Of course, you can just plug an ethernet cable straight into the router, but doesn't that kind of defeat the purpose of having wireless networking in the first place?
  It continues like this, indefinitely, and it all starts roughly 24 hours after 10.6.4 has been installed.
  I have read reports of people on macbooks, people on imacs, people on all sorts of different wireless hardware, but the symptoms are the same.
  I know the problem is with the OS update, it's purely software. I know that it has nothing to do with hardware because simply reverting to 10.6.3 solves the problem -every single time- and then "upgrading" to 10.6.4 causes the problem to come back within 24 hours -every single time- (have been reverting using Time Machine to simplify this testing process), so no, where the problem is isn't what perplexes me; what perplexes me is that there are posts that started almost a few days after 10.6.4 came out, and so far there's STILL no fix? Are you freaking serious? Does the Apple programming team not have access to anything other than Apple-Branded Airport Extreme Base Stations to perform wireless network QA testing on?
  Get a Linksys guys, grab a D-Link, go get some of the hardware people actually USE and test it on that and see what happens, it doesn't take long to see what's happening.
  I blame the programmers because I am one myself and know how easy it is to screw up a rock-solid system with one little typo. Heck, which patch was it, 10.5.7 or 10.5.8 I think? Can't remember exactly, but it was supposed to be such a great "bug fix" patch... and it came with the config file for Apache set to DENY ALL INCOMING EXTERNAL CONNECTIONS by default (in a hidden file that can only be modified by the root user mind you... so much for the average user running a personal web server on THAT version), so yeah, one tiny mistake and it has huge consequences, my question is: what's taking so long to track down what's going on in 10.6.4 and fix it? Can we at least get a patch or something?
  I find it really lame and really such a cop-out to see so many irrelevant "solutions" offered, "try specifying different DNS servers" (doesn't matter, whatever causes this bug doesn't care which servers you have specified, it simply sits there and does NOTHING for 2-3 minutes, and THEN when it actually DOES do a dns lookup, it gets the results in the time expected: instantly), to more extreme matters, like resetting hardware, which again has absolutely nothing to do with this bug.
  Here is why anyone can see this is an obvious bug that the programming team needs to admit, investigate and correct:
  A. happens immediately after the software update
  B. happens to EVERYONE who uses traditional wireless routers for internet use
  C. is 100% repeatedly reproducible
  D. occurs on all different models of computers and all different ISP's and with all different DNS servers specified.
  E. has the same symptoms on every system (lightning fast internet for 2-3 minutes, then "waiting for site" for 1-3 minutes)
  F. affects EVERY network-using program on the computer (email, network utility, firefox, safari) SIMULTANEOUSLY
  G. does not affect surfing to or interacting with IP addresses directly, only with trying to perform DNS lookups from ANY program with ANY dns server (or no dns server) set in network preferences.
  Come on guys, just read it through, think about it for a few minutes, for anyone that has worked with and knows the underlying source code, and what changes went in between 10.6.3 and 10.6.4 specifically to networking, should have a light bulb pop up over their head and say "oh YEAH, we never uncommented that one line..." or something to that effect.

  I see a very similar issue, but it's been occurring on my laptop for 4 or 5 months, which must be way before 10.6.4. My roommate and friend's laptops all work fine on my network. And my laptop works fine on anyone else's network. But MY laptop on MY network always gives the abysmal DNS performance as described in the original post: 40% of requests time out. Wireless or wired, it doesn't matter. Exact same behavior.
  It also doesn't matter whether I use my Netgear router as DNS server, or my ISP, or OpenDNS, or Google. Exact same behavior.
  When I do a network trace, it looks like most DNS requests my computer sends out simply never get responded to. (Could they be malformed when they hit the wire? I don't even see an error reply) A few make it through. And when there's a IPv6 (AAAA) record sent, my computer returns a "port unreachable" ICMP message. A screenshot of all of this dialogue is here:
  http://img545.imageshack.us/i/screenshot20100913at114.png/
  I recently had opportunity to cancel my cable service, and reinstate it for a lower price. They came out, tested the line (strong signal), gave me a new cable box. Yet the issue persists. Exact same behavior.
  Firewall is disabled. I've deleted the network interfaces and added them back. Nothing helps.
  (As I recall, this issue may even have been present before I reinstalled 10.6 over 10.5, so I'm not too confident a total reinstall would help.)
  Any help? I'm about ready to buy a new laptop to fix this damned problem. Web browsing is nearly impossible, as is.

• OD, LDAP and DNS

  I am new to LDAP and I believe I have everything setup correctly on the server (everything under Open Directory in SA says "Running", logs don't show any errors). However, I can not access the LDAP server from a client machine using Directory Access. I suspect that client machines still can not "see" my LDAP server.
  I believe the issue may be with DNS and I am trying to understand the interaction between DNS and OD, etc. First off, I do not have DNS turned on for my Mac OS X Server since my ISP has always hosted our DNS. Is this a problem? Do I need DNS activated on the same server that I am running this LDAP server? I have tried entering the IP and DNS name on the client server using Directory Access and neither worked.

  The requirement is that references using your server's Fully Qualified Domain Name look up to its IP Address and its IP Address looks up to its Fully Qualified Domain Name. If your ISP does that for you, and does it correctly, Merry Christmas!
  All others must set up their own tiny DNS service to do the lookups. If you are behind an NAT firewall, you can Make Up whatever names you like and look them up locally, because they are invisible from the Internet.
  Remember that each workstation must have the address of the DNS available to it. It needs to be configured in the TCP/IP setup or dispensed via DHCP. If you use your own DNS (highly recommended) you must also dispense or configure the next upstream DNS (your ISP's DNS Address).
  "An Open Directory master requires properly configured DNS so it can provide single sign-on Kerberos authentication.
  Make sure DNS service is configured to resolve fully qualified DNS names and provide corresponding reverse lookups.
  DNS must resolve the fully qualified DNS name and provide reverse lookups for the Open Directory master server, all replica servers, and other servers that are members of the Kerberos realm.
  You can use the Lookup pane of Network Utility (in /Applications/Utilities/) to do a DNS lookup of a server's DNS name and a reverse lookup of the server's IP address.
  For instructions on setting up DNS service, browse Network Services Overview."
  -- from Server Admin 10.4 Help: Kerberos is Stopped on an Open Directory Master or Replica
  Message was edited by: Grant Bennet-Alder

• DB connection is doing a DNS lookup

  I have an application coded in Java which checks the oracle database if any new record is added.
  so the line of code for eastablishing the conection is :
  java.sql.Connection conn = � DriverManager.getConnection ( "jdbc:oracle:thin:@10.3.7.197:1521:DEV", "lot3","lot3" );
  the application checks the database every 2 mins for any new records.
  everytime the appln tries connecting to the DB, it is doing a DNS lookup. IS there any way to stop this DNS lookup?
  the appln is running on AIX Unix machine.
  Can anybody please help me?

  I have an application coded in Java which checks the
  oracle database if any new record is added.
  so the line of code for eastablishing the conection
  is :
  java.sql.Connection conn =
  DriverManager.getConnection (
  "jdbc:oracle:thin:@10.3.7.197:1521:DEV",
  "lot3","lot3" ); Wow, what a wasteful way to do it.
  >
  the application checks the database every 2 mins for
  any new records.
  everytime the appln tries connecting to the DB, it
  is doing a DNS lookup. IS there any way to stop this
  DNS lookup?Stop your application.
  Maybe a better solution would be to pool database connections. That would amortize the cost of acquiring the connections.
  Who writes the records in your database? If it's another application outside your Java app you're out of luck, but if it's just other objects inside your app I'd recommend that you take better advantage of the Java Beans event model and have writers notify others when they've written to the database. It's far less wasteful of resources.
  he appln is running on AIX Unix machine.
  Can anybody please help me?

• Why am I getting lots of dns lookup error's after upgrading to 6.0?

  Half or more of the websites I try to access give me a DNS lookup error page. It didn't happen before the upgrade.

  Cannot connect after upgrading Firefox
  * https://support.mozilla.com/en-US/kb/Cannot%20connect%20after%20upgrading%20Firefox
  Firefox cannot load websites but other programs can
  * https://support.mozilla.com/en-US/kb/Firefox%20cannot%20load%20websites%20but%20other%20programs%20can
  Clear Cookies & Cache
  * https://support.mozilla.com/en-US/kb/Template:clearCookiesCache
  Clear the Network Cache
  * https://support.mozilla.com/en-US/kb/How%20to%20clear%20the%20cache#w_clear-the-cache
  Check and tell if its working.

• DNS lookups to VPN hijacked by WRVS4400N (fw v1.1.13)?

  I have a WRVS4400N on the latest firmware offered by Cisco.  After a whole run of problems with previous firmware, this one seems to be almost perfect except for this odd issue I've been encountering now (that I hadn't encountered on previous firmware).
  It seems as though DNS lookups through the WRVS4400N are being redirected through a different DNS from the one set on the client (presumably, the router is taking all outbound UDP DNS queries and 'fixing' them to direct at the WAN DNS).
  I've verified this by using the 'host' command in UNIX (where 192.168.2.140 is the DNS server on the remote VPN network):
  1) Using a standard UDP DNS lookup from the LAN (192.168.1.0) to the VPN
  $ host test.intranetdomain.com 192.168.2.140
  Using domain server:
  Name: 192.168.2.140
  Address: 192.168.2.140#53
  Aliases:
  Host test.intranetdomain.com not found: 3(NXDOMAIN)
  2) Using a TCP DNS lookup from the LAN to the VPN
  $ host -T test.intranetdomain.com 192.168.2.140
  Using domain server:
  Name: 192.168.2.140
  Address: 192.168.2.140#53
  Aliases:
  test.intranetdomain.com has address 192.168.2.5
  3) Using a standard DNS lookup to an unassigned IP on the local LAN
  $ host test.intranetdomain.com 192.168.1.250
  ;; connection timed out; no servers could be reached
  4) Using a standard DNS lookup to a nonsense internet IP
  $ host test.intranetdomain.com 254.254.254.254
  Using domain server:
  Name: 254.254.254.254
  Address: 254.254.254.254#53
  Aliases:
  Host test.intranetdomain.com not found: 3(NXDOMAIN)
  These tests are pretty revealing:
  Test #1 shows a standard DNS query as a client system would typically perform it.  It's querying the server and the server is returning that the address I've asked it for is not known.  This is unexpected behaviour as the server at that IP address definitely knows test.intranetdomain.com exists.
  Test #2 shows that if queried using TCP instead of UDP, the DNS does know test.intranet.domain.com exists.  So, is the host command in Test #1 actually talking to my server?  It doesn't seem so.
  Test #3 is a demonstration of the expected response when host cannot talk to a remote DNS or that server doesn't exist. In this case, I'm using host to query an IP on my LAN that doesn't have anything on it.  This should be the response I get when I try to query a nonexistent server on the internet as well.
  Test #4 shows that in spite of the expected responses in Test #3, the WRVS4400N doesn't act as expected.  It shows the same type of response we saw in Test #1 even when querying non-existent IPs.
  In summary, the tests show that the WRVS4400N in firmware 1.1.13 is capturing all standard UDP DNS queries regardless of the IP they're directed to, and forwarding them to another DNS (I assume the WAN DNS).
  This seems like it may have been thrown in as an unmentioned 'feature' and is behaviour I might expect from a 'home' routing solution but not a small office solution such as this.  My company VPN requires DNS to be resolved by our servers inside the office network so this is not acceptible.
  Configuration Details:
  WAN: DHCP, dynamic IP, dyndns
  LAN: defaults for everything, static DNS set to use servers across the VPN
  VPN: IPSec tunnel to remote network 192.168.2.x
  IPS: Disabled
  Firewall: Defaults
  Any assistance or commentary from someone in-the-know would be appreciated.  Also, any comments from those also experiencing variations on this issue.
  Message Edited by litui on 03-10-2009 06:25 PM

  I've experienced the same DNS hijacking unable to use OpenDNS features unless I set the outside interface to static which is really DHCP by my cable provider. Of course, this is only a temporary work-around. Linksys/Cisco could allow for selectable DNS on the outside interface to resolve this problem, but they won't even look at a code change... unless EVERYONE complains. I requested this almost a year ago via a TAC case & their reaction was development almost never update unless they get many requests.

• Finding LDAP server names by DNS lookup.

  Hi,
  I'm very new with JNDI and DNS
  We are hardcoding the ldap server name in our configuration to connect to the Active directory, but the requirement is to know the ldap server name dynmaically by querying the DNS server.
  The input given to us are below.
  Dns domain : indbank.is.
  SRV RRecord : ldap.tcp.
  Query dns : ldap.tcp.indbank.is.
  The domain controller should be found by a DNS lookup for the domain, then a DNS for Domain controllers that advertise the service, then try to see if the domain controllers areanswering, and if so choose the one with the fastest answer time (to avoid choosing a domain controller over WAN).
  Kindly help me.I am beginner and some code sample and tip will be welcome. :)
  Thanks in advance.
  Hiubert

  Thanks a lot to All.
  My code is as follows...
  import javax.naming.*;
  import javax.naming.directory.*;
  import java.util.*;
  public class dns1
       public static void main(String[] args)     {
            try {
                 Hashtable env = new Hashtable();
                 env.put("java.naming.factory.initial","com.sun.jndi.dns.DnsContextFactory");
                 env.put("java.naming.provider.url", "dns://indbank.is");
                 DirContext ctx = new InitialDirContext(env);
                 System.out.println("Intial context created...");
                 Attributes attrs = ctx.getAttributes("_ldap._tcp.indbank.is",new String[] {"SRV"});
                 System.out.println("Attributes are been retrieved...");
                 for (NamingEnumeration ae = attrs.getAll();ae.hasMoreElements();)
                      Attribute attr = (Attribute)ae.next();
                      String attrId = attr.getID();
                      System.out.println("Attribute ID retrieved is" + attrId);
                      for (Enumeration vals = attr.getAll();vals.hasMoreElements(); System.out.println(attrId + ": " + vals.nextElement()));
                 ctx.close();
            catch(Exception e)
                 System.err.println("Problem querying DNS: " + e);
                 e.printStackTrace();
  The code runs fine and I get the output as follows
  0 100 389 ib500ad1.indbank.in
  0 100 389 ib500ad2.indbank.in
  I have following questions
  1) Do these servers which are returned are the domain controllers or the ldap servers.?(or both domaincontrollers and ldap server are same)
  2) how to extract the server name alone from this string.
  3) If these two server names are domain controllers then how can I query for a DNS for Domain controllers that advertise the service, then try to see if the domain controllers are answering, and if so choose the one with the fastest answer time (to avoid choosing a domain controller over WAN).
  Thanks in advance.
  -Hiubert

• LMS 4.2.2 ipsla http operation without DNS Lookup Time

  Hi,
  i´ve setup a add hoc device (webserver) and created a http operation with following options (see image 1) This operation polls the device every 10secs. So far so good. However, in the monitor graphic chart i do not see the DNS Lookup Time (image 2). What´s wrong with this setup?
  Thank you,

  the patch for BugID CSCtz29665 is released here on CCO:
  "http://www.cisco.com/cisco/software/release.html?mdfid=284259296&flowid=31102&softwareid=280775103&os=Windows%20CE%202.11&release=CSCtz29665_4.2.2&relind=AVAILABLE&rellifecycle=&reltype=latest"
  I do not know whey they opend a new section for Windows CE 2.11, - but on CCO you have to follow this path to find it:
  Downloads Home > Products > Network Management and Automation > Routing and Switching Management > Network Management Solutions > Cisco Prime LAN Management Solution > Cisco Prime LAN Management Solution 4.2 > LMS Patches > Windows CE 2.11-CSCtz29665_4.2.2

• Issue with very slow DNS lookup. SBS 2008 R2.

  (Preface: sorry if this is the wrong forum...new at this! X-posted from Reddit)
  I'm stumped with this one. Last week, the server installed a few updates, no problem, a handful of security stuff. Since then, I've been having issues with DNS lookups on every computer on the network. It will hang on "looking up <domain>.com..."
  and then after 20-30 seconds, it will show a "can't find the server" error. BUT THEN! When you click try again, it loads right up. And then it works fine. For a day or so. Then, the next day, or maybe just a few hours later, sometimes while browsing
  the same site, it will do the same thing. It's like the DNS server just forgets the lookups it's already done after a time.
  Things I've tried:
  restarting server (duh)
  rolling back updates
  reinstalling said updates
  restarting all network hardware from the gateway outwards
  restarting the service itself while the server is running
  The only thing the event log shows is a single error during startup - event ID 4015. The text reads:
  "The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is ' '."
  This error has only occurred once that I saw and did not occur on the most recent startup, but the issue is still present
  Active directory seems to be fine. No errors or warnings in it and no info from the event log is showing anything that seems to be helpful.
  I've looked around the KB but every article seems to be troubleshooting a much more specific problem or a different problem altogether, such as a misnamed, stuck, or incorrect DNS zone, or a DNS lookup that fails to complete altogether.

  Hi Craigglesofdoom,
  Would you please let us know current situation of this issue? Did you refer to above suggestions and solve this problem? If any update, please feel free to let us know.
  Please also run SBS BPA tool and check if find relevant issues.
  For Event ID 4015, please refer to following article and check if can help you.
  Event ID 4015 — DNS Server Active Directory Integration
  -->The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly.
  Please use dcdiag command-line tool. Any find?
  Domain Controller Diagnostics Tool (dcdiag.exe)
  Dcdiag for DNS: Test details explained
  Hope this helps.
  Best regards,
  Justin Gu
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]