This all started with WordPress timeouts. I was trying to activate some premium plugins, and the license activation was timing out. I started doing some digging and found they use the WordPress core library WP_http which in turn uses curl to make the request. I wrote my own code to use WP_Http and it failed in the same way with a timeout. I added a timeout parameter to the wp_remote_get() call, and it was able to complete without a timeout. I then used a IP address in place of the domain name and it worked without the need for the timeout parameter.
With that info in hand, I decided it must be on the server. I started doing some tests:
I then did the same test from another server that uses the same DNS servers in resolv.conf:
After much googling, I found a few number of suggested solutions:
- Disable IPv6
- Ensure /etc/nsswitch.conf is set correctly (hosts: files dns)
Neither of these worked for me. Finally, I added the following directive into my resolv.conf and it fixed the issue!
Apparently, this is actually somewhat related to ipv6 — from the resolv.conf manpage:
Now, I get good response times when I curl:
Looks like the resolver sends parallel requests, fails to see the IPv6 response, waits 5 sec and sends sequential requests because it thinks the nameserver is broken. By adding the options single-request, glibc makes the requests sequentially be default and does not timeout.
I found some good info and hints on this issue here: https://bbs.archlinux.org/viewtopic.php?id=75770
Lastly, to bring this whole thing full circle, the WprdPress plugins now are able to get out and communicate successfully. Woohoo!