Description of Problem: DNS requests made ahead of NIS requests despite the settings in nsswitch.conf. Version-Release number of selected component (if applicable):glibc-2.2.4-13 How Reproducible: always Steps to Reproduce: 1. configure 7.2 as NIS client, check default nsswitch.conf settings: hosts: .. nis dns. NIS comes first. 2. make sure that NIS hosts map contains some names. For example include following: glibcnisbug 127.0.0.1 3. start "tcpdump port 53" on one terminal and "ping glibcnisbug" on another terminal. Actual Results: tcpdump shows DNS requests made to the default DNS server asking for an IP address of glibcnisbug.defaultdomain.com, where defaultdomain is "search" from /etc/resolv.conf Expected Results: No DNS requests made, because NIS request must be made first. Additional Information: This bug was found when DNS server went offline thus causing a huge delay in name resolution. Investigation revealed that DNS requests were made before NIS despite settings in nsswitch.conf
I have similar problem when the name servers for lucon.org were off-line. Even though I put x.x.x.x ocean.lucon.org lucon.org in /etc/hosts and there is hosts: files nisplus nis dns in /etc/nsswitch.conf, # ssh lucon.org took a long time to resolve since it tried DNS first. I tracked it down to the way how getaddrinfo works. But I never found time to fix it since my name server is working now.
See also Bug 71546: ldap for user files always used, regardless of nsswitch.conf Bug 66682: nis for user files always used, regardless of nsswitch.conf Bug 63631: local users never authenticated if ldap server down
It appears that this nsswitch.conf order problem has been resolved in rawhide. See: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=84105#c6 for details.
A clarification on: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=84105#c6 You should NOT install those RPMs on a production system. Rawhide is raw bits. Those RPMs were only in relationship to various DNS issues. Those rpms have a number of non-DNS related problems. For example, they cause the rpm command to dump core. They did, however, resolve the DNS issues, with the possible exception of excessive IPv6 lookups.
Now there are RPMs which you can use on production systems. RHL9 should handle this well. I've fixed a few more problem especially related to nscd and ldsp which will be in the next binary. Closing the bug now.