- For command like
wget http://hostname/some/fileit takes >5 seconds to resolve the hostname.
- Telnet login, ssh login, FTP login is slow (name resolution takes >5 seconds or in some cases 30-60 seconds)
- The server is behind IPv4 and IPv6 configured firewall (for example, hardware based dedicated firewall is used).
The issue is caused by a known RedHat problem. The resolver uses the same socket for the A and AAAA requests and two requests from the same port are not handled correctly (some systems mistakenly send back only one reply; when that happens, the client system will sit and wait for the second reply).
options single-request-reopen line to the
# echo "options single-request-reopen" >> /etc/resolv.conf
This option ensures that if two requests from the same port are not handled correctly, it will close the socket and open a new one before sending the second request.
In order to automate the solution, so that this adjustment is made for all newly created containers,
post-install script for the OS template can be modified:
(on example of centos-6-x86_64 template):
Check the location of the templates folder:
# grep ^TEMPLATE /etc/vz/vz.conf TEMPLATE="/vz/template"
echo "options single-request-reopen" >> etc/resolv.confline to the
# diff -u post-install_orig post-install --- post-install_orig 2014-06-13 07:10:04.199956852 +0700 +++ post-install 2014-06-13 07:09:19.724481908 +0700 @@ -164,8 +164,5 @@ # post-install script failure /usr/bin/update-mime-database /usr/share/mime > /dev/null 2>&1 +echo "options single-request-reopen" >> etc/resolv.conf popd > /dev/null
Recreate the template cache:
# vzpkg create cache centos-6-x86_64 -r -f