Obviously my Apache httpd instance is doing reverse DNS (RDNS, give me the hostname for this IP address) lookups for each incoming client connection's IP address. This is bad. Especially since sometimes resolution fails with a missing PTR record – after 28secs.
Diagnostics: I added %D to my "combined" log style and looked at the response times this way: Clearly <1s for all those that are logged with their hostname and 20+s for those that get their IP logged.
This is what I tried:
- Turn off the
server-statusextension. - Check that
HostnameLookups Offis in the config. - Check that
mod_accessis not given any hostname in anAllow/Denyrule. - Check that reverse proxied servers follow the same rules.
What have I missed?
Best Answer
It seems the standard Ubuntu 8.04 Apache httpd install comes with a
LogFormatthat starts with%hand that does a client IP's RDNS lookup. Why oh why?? Replacing it with%a(remote IP address, see custom log formats) reduces this problem by ca. 90%. Some remain...