I have an EC2 instance used as an LDAP server with the following example DNS names assigned by Amazon:

  • Public DNS: ec2-123-231-312-132.compute-1.amazonaws.com
  • Private DNS: ip-10-11-12-13.ec2.internal

The instance has the public IP address 123.231.312.132 and the private IP address 10.11.12.13, respectively.

I have also set external DNS records for my domain example.com to match this host:

slow IN A     123.231.312.132
fast IN CNAME ec2-123-231-312-132.compute-1.amazonaws.com

All DNS lookup requests are fast for each of these DNS names. However, it takes 15 seconds longer to connect to slow.example.com with an LDAP or telnet client from inside the Amazon EC2 cloud. Connecting to fast.example.com, to the public IP/DNS and to the private IP/DNS provided by Amazon all work equally fast. There is no such issue when connecting from outside the Amazon cloud.

An increased-verbosity log of the LDAP client showed that there is a big delay during the getaddrinfo() function call.

I know that Amazon recommends using CNAME records instead of A records, but I'd like to understand the reason: what happens behind the scenes?

There is also a similar issue with a Windows box; however, my instance has no DNS cache. It is also possible that another issue on serverfault is connected with this.
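A small diagnostic for localising the delay described above, added here as example code (it is not from the question's author): it times getaddrinfo() separately per address family for each name in the question, so a name that is slow for AF_UNSPEC or AF_INET6 but fast for AF_INET shows which query type is being held up. The port, the SOCK_STREAM hint and the name list are assumptions.

```python
import socket
import time

# Names taken from the question; the port is the LDAP default and is only used
# to shape the getaddrinfo() query (an assumption, not stated in the question).
NAMES = [
    "slow.example.com",
    "fast.example.com",
    "ec2-123-231-312-132.compute-1.amazonaws.com",
    "ip-10-11-12-13.ec2.internal",
]
LDAP_PORT = 389

FAMILIES = {
    "AF_UNSPEC": socket.AF_UNSPEC,  # what most clients ask for: A and AAAA
    "AF_INET": socket.AF_INET,      # A records only
    "AF_INET6": socket.AF_INET6,    # AAAA records only
}


def time_getaddrinfo(host, family, port=LDAP_PORT):
    """Return (seconds, addresses, error) for one getaddrinfo() call.

    `addresses` is the sorted list of distinct IP strings returned; `error`
    is the gaierror message or None. Timing the call directly mirrors the
    delay the LDAP client's verbose log attributed to getaddrinfo().
    """
    start = time.monotonic()
    try:
        infos = socket.getaddrinfo(host, port, family, socket.SOCK_STREAM)
        error = None
    except socket.gaierror as exc:
        infos, error = [], str(exc)
    elapsed = time.monotonic() - start
    addresses = sorted({info[4][0] for info in infos})
    return elapsed, addresses, error


def profile(host):
    """Time the lookup for each address family; a family that is slow while
    the others are fast points at the query type that is being delayed."""
    return {name: time_getaddrinfo(host, fam) for name, fam in FAMILIES.items()}


if __name__ == "__main__":
    for host in NAMES:
        for fam, (secs, addrs, err) in profile(host).items():
            print(f"{host:48} {fam:9} {secs:7.3f}s {err or ', '.join(addrs)}")
```

Run it from inside EC2 and from outside and compare the per-family timings for slow.example.com against those for fast.example.com.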