Troubleshooting slow DNS lookup
Mark Andrews
marka at isc.org
Fri Nov 26 01:56:34 UTC 2010
In message <AANLkTikwrkE2MtopsUJ-rh28WnknHw5mQhbC5MqMSnxX at mail.gmail.com>, Rian
to Wahyudi writes:
> Hi all,
>
> Im trying to troubleshoot and find out the reason why some of our DNS lookup
> take a long time :
>
>
> ns-dev ~ # rndc flushname www.paypal.com ; dig www.paypal.com @localhost
>
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> www.paypal.com @localhost
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29297
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 3, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.paypal.com. IN A
>
> ;; ANSWER SECTION:
> www.paypal.com. 300 IN A 64.4.241.33
> www.paypal.com. 300 IN A 64.4.241.49
> www.paypal.com. 300 IN A 66.211.169.2
> www.paypal.com. 300 IN A 66.211.169.65
>
> ;; AUTHORITY SECTION:
> paypal.com. 252 IN NS ns2.isc-sns.com.
> paypal.com. 252 IN NS ns3.isc-sns.info.
> paypal.com. 252 IN NS ns1.isc-sns.net.
>
> ;; ADDITIONAL SECTION:
> ns3.isc-sns.info. 3559 IN A 63.243.194.1
> ns3.isc-sns.info. 86352 IN AAAA 2001:5a0:10::1
>
> ;; Query time: 5119 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Fri Nov 26 12:05:49 2010
> ;; MSG SIZE rcvd: 225
>
> Doing trace :
You need to mimic the nameserver more closely and turn on +dnssec.
dig +trace +dnssec www.paypal.com
I suspect you have a firewall that is blocking the larger replies +dnssec
produces. Named will work around this by adjustting the queries it makes
but that requires timouts and hence the longer resolution time.
Mark
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> www.paypal.com @localhost
> +trace
> ;; global options: printcmd
> . 516870 IN NS i.root-servers.net.
> . 516870 IN NS j.root-servers.net.
> . 516870 IN NS k.root-servers.net.
> . 516870 IN NS l.root-servers.net.
> . 516870 IN NS m.root-servers.net.
> . 516870 IN NS a.root-servers.net.
> . 516870 IN NS b.root-servers.net.
> . 516870 IN NS c.root-servers.net.
> . 516870 IN NS d.root-servers.net.
> . 516870 IN NS e.root-servers.net.
> . 516870 IN NS f.root-servers.net.
> . 516870 IN NS g.root-servers.net.
> . 516870 IN NS h.root-servers.net.
> ;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms
>
> com. 172800 IN NS b.gtld-servers.net.
> com. 172800 IN NS h.gtld-servers.net.
> com. 172800 IN NS f.gtld-servers.net.
> com. 172800 IN NS m.gtld-servers.net.
> com. 172800 IN NS c.gtld-servers.net.
> com. 172800 IN NS e.gtld-servers.net.
> com. 172800 IN NS d.gtld-servers.net.
> com. 172800 IN NS a.gtld-servers.net.
> com. 172800 IN NS g.gtld-servers.net.
> com. 172800 IN NS l.gtld-servers.net.
> com. 172800 IN NS j.gtld-servers.net.
> com. 172800 IN NS i.gtld-servers.net.
> com. 172800 IN NS k.gtld-servers.net.
> ;; Received 504 bytes from 192.36.148.17#53(i.root-servers.net) in 57 ms
>
> paypal.com. 172800 IN NS ns1.isc-sns.net.
> paypal.com. 172800 IN NS ns2.isc-sns.com.
> paypal.com. 172800 IN NS ns3.isc-sns.info.
> ;; Received 177 bytes from 192.33.14.30#53(b.gtld-servers.net) in 5498 ms
>
> www.paypal.com. 300 IN A 66.211.169.65
> www.paypal.com. 300 IN A 64.4.241.33
> www.paypal.com. 300 IN A 64.4.241.49
> www.paypal.com. 300 IN A 66.211.169.2
> paypal.com. 300 IN NS ns3.isc-sns.info.
> paypal.com. 300 IN NS ns1.isc-sns.net.
> paypal.com. 300 IN NS ns2.isc-sns.com.
> ;; Received 285 bytes from 72.52.71.1#53(ns1.isc-sns.net) in 174 ms
>
>
>
> Version of bind installed : bind-9.3.6-4.P1.el5_4.2
> IPv6 has been disabled on the host and firewall turned off during the test.
>
> Any toughts ?
>
> Regards,
>
> Rianto
>
> --00163646c12e7eca910495eaeb22
> Content-Type: text/html; charset=ISO-8859-1
> Content-Transfer-Encoding: quoted-printable
>
> Hi all,=A0<div><br></div><div>Im trying to troubleshoot and find out the re=
> ason why some of our DNS lookup take =A0a long time :</div><div><br></div><=
> div><br></div><div><div>ns-dev ~ # rndc flushname <a href=3D"http://www.pay=
> pal.com">www.paypal.com</a> ; dig <a href=3D"http://www.paypal.com">www.pay=
> pal.com</a> @localhost</div>
> <div><br></div><div>; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4=
> .2 <<>> <a href=3D"http://www.paypal.com">www.paypal.com</a> @l=
> ocalhost</div><div>;; global options: =A0printcmd</div><div>;; Got answer:<=
> /div>
> <div>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29297<=
> /div><div>;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 3, ADDITIONAL=
> : 2</div><div><br></div><div>;; QUESTION SECTION:</div><div>;<a href=3D"htt=
> p://www.paypal.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0=
> =A0 =A0 =A0IN =A0 =A0 =A0A</div>
> <div><br></div><div>;; ANSWER SECTION:</div><div><a href=3D"http://www.payp=
> al.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 300 =A0 =A0 IN =A0 =A0 =A0A =A0=
> =A0 =A0 64.4.241.33</div><div><a href=3D"http://www.paypal.com">www.paypal=
> .com</a>. =A0 =A0 =A0 =A0 300 =A0 =A0 IN =A0 =A0 =A0A =A0 =A0 =A0 64.4.241.=
> 49</div>
> <div><a href=3D"http://www.paypal.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 =
> 300 =A0 =A0 IN =A0 =A0 =A0A =A0 =A0 =A0 66.211.169.2</div><div><a href=3D"h=
> ttp://www.paypal.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 300 =A0 =A0 IN =
> =A0 =A0 =A0A =A0 =A0 =A0 66.211.169.65</div><div><br>
> </div><div>;; AUTHORITY SECTION:</div><div><a href=3D"http://paypal.com">pa=
> ypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 252 =A0 =A0 IN =A0 =A0 =A0NS =A0 =A0 =
> =A0<a href=3D"http://ns2.isc-sns.com">ns2.isc-sns.com</a>.</div><div><a hre=
> f=3D"http://paypal.com">paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 252 =A0 =A0=
> IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://ns3.isc-sns.info">ns3.isc-sn=
> s.info</a>.</div>
> <div><a href=3D"http://paypal.com">paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 =
> 252 =A0 =A0 IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://ns1.isc-sns.net">=
> ns1.isc-sns.net</a>.</div><div><br></div><div>;; ADDITIONAL SECTION:</div><=
> div><a href=3D"http://ns3.isc-sns.info">ns3.isc-sns.info</a>. =A0 =A0 =A0 3=
> 559 =A0 =A0IN =A0 =A0 =A0A =A0 =A0 =A0 63.243.194.1</div>
> <div><a href=3D"http://ns3.isc-sns.info">ns3.isc-sns.info</a>. =A0 =A0 =A0 =
> 86352 =A0 IN =A0 =A0 =A0AAAA =A0 =A02001:5a0:10::1</div><div><br></div><div=
> >;; Query time: 5119 msec</div><div>;; SERVER: 127.0.0.1#53(127.0.0.1)</div=
> ><div>;; WHEN: Fri Nov 26 12:05:49 2010</div>
> <div>;; MSG SIZE =A0rcvd: 225</div></div><div><br></div><div>Doing trace :=
> =A0</div><div><br></div><div><div>; <<>> DiG 9.3.6-P1-RedHat-9.=
> 3.6-4.P1.el5_4.2 <<>> <a href=3D"http://www.paypal.com">www.pay=
> pal.com</a> @localhost +trace</div>
> <div>;; global options: =A0printcmd</div><div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0=
> =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://i.=
> root-servers.net">i.root-servers.net</a>.</div><div>. =A0 =A0 =A0 =A0 =A0 =
> =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"ht=
> tp://j.root-servers.net">j.root-servers.net</a>.</div>
> <div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0=
> NS =A0 =A0 =A0<a href=3D"http://k.root-servers.net">k.root-servers.net</a>.=
> </div><div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =
> =A0 =A0NS =A0 =A0 =A0<a href=3D"http://l.root-servers.net">l.root-servers.n=
> et</a>.</div>
> <div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0=
> NS =A0 =A0 =A0<a href=3D"http://m.root-servers.net">m.root-servers.net</a>.=
> </div><div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =
> =A0 =A0NS =A0 =A0 =A0<a href=3D"http://a.root-servers.net">a.root-servers.n=
> et</a>.</div>
> <div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0=
> NS =A0 =A0 =A0<a href=3D"http://b.root-servers.net">b.root-servers.net</a>.=
> </div><div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =
> =A0 =A0NS =A0 =A0 =A0<a href=3D"http://c.root-servers.net">c.root-servers.n=
> et</a>.</div>
> <div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0=
> NS =A0 =A0 =A0<a href=3D"http://d.root-servers.net">d.root-servers.net</a>.=
> </div><div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =
> =A0 =A0NS =A0 =A0 =A0<a href=3D"http://e.root-servers.net">e.root-servers.n=
> et</a>.</div>
> <div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0=
> NS =A0 =A0 =A0<a href=3D"http://f.root-servers.net">f.root-servers.net</a>.=
> </div><div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =
> =A0 =A0NS =A0 =A0 =A0<a href=3D"http://g.root-servers.net">g.root-servers.n=
> et</a>.</div>
> <div>. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 516870 =A0IN =A0 =A0 =A0=
> NS =A0 =A0 =A0<a href=3D"http://h.root-servers.net">h.root-servers.net</a>.=
> </div><div>;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms</div>=
> <div><br></div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0I=
> N =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://b.gtld-servers.net">b.gtld-ser=
> vers.net</a>.</div>
> <div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =A0NS=
> =A0 =A0 =A0<a href=3D"http://h.gtld-servers.net">h.gtld-servers.net</a>.</=
> div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =
> =A0NS =A0 =A0 =A0<a href=3D"http://f.gtld-servers.net">f.gtld-servers.net</=
> a>.</div>
> <div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =A0NS=
> =A0 =A0 =A0<a href=3D"http://m.gtld-servers.net">m.gtld-servers.net</a>.</=
> div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =
> =A0NS =A0 =A0 =A0<a href=3D"http://c.gtld-servers.net">c.gtld-servers.net</=
> a>.</div>
> <div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =A0NS=
> =A0 =A0 =A0<a href=3D"http://e.gtld-servers.net">e.gtld-servers.net</a>.</=
> div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =
> =A0NS =A0 =A0 =A0<a href=3D"http://d.gtld-servers.net">d.gtld-servers.net</=
> a>.</div>
> <div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =A0NS=
> =A0 =A0 =A0<a href=3D"http://a.gtld-servers.net">a.gtld-servers.net</a>.</=
> div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =
> =A0NS =A0 =A0 =A0<a href=3D"http://g.gtld-servers.net">g.gtld-servers.net</=
> a>.</div>
> <div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =A0NS=
> =A0 =A0 =A0<a href=3D"http://l.gtld-servers.net">l.gtld-servers.net</a>.</=
> div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =
> =A0NS =A0 =A0 =A0<a href=3D"http://j.gtld-servers.net">j.gtld-servers.net</=
> a>.</div>
> <div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =A0NS=
> =A0 =A0 =A0<a href=3D"http://i.gtld-servers.net">i.gtld-servers.net</a>.</=
> div><div>com. =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0172800 =A0IN =A0 =A0 =
> =A0NS =A0 =A0 =A0<a href=3D"http://k.gtld-servers.net">k.gtld-servers.net</=
> a>.</div>
> <div>;; Received 504 bytes from 192.36.148.17#53(<a href=3D"http://i.root-s=
> ervers.net">i.root-servers.net</a>) in 57 ms</div><div><br></div><div><a hr=
> ef=3D"http://paypal.com">paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 172800 =A0=
> IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://ns1.isc-sns.net">ns1.isc-sns.=
> net</a>.</div>
> <div><a href=3D"http://paypal.com">paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 =
> 172800 =A0IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://ns2.isc-sns.com">ns=
> 2.isc-sns.com</a>.</div><div><a href=3D"http://paypal.com">paypal.com</a>. =
> =A0 =A0 =A0 =A0 =A0 =A0 172800 =A0IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"ht=
> tp://ns3.isc-sns.info">ns3.isc-sns.info</a>.</div>
> <div>;; Received 177 bytes from 192.33.14.30#53(<a href=3D"http://b.gtld-se=
> rvers.net">b.gtld-servers.net</a>) in 5498 ms</div><div><br></div><div><a h=
> ref=3D"http://www.paypal.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 300 =A0 =
> =A0 IN =A0 =A0 =A0A =A0 =A0 =A0 66.211.169.65</div>
> <div><a href=3D"http://www.paypal.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 =
> 300 =A0 =A0 IN =A0 =A0 =A0A =A0 =A0 =A0 64.4.241.33</div><div><a href=3D"ht=
> tp://www.paypal.com">www.paypal.com</a>. =A0 =A0 =A0 =A0 300 =A0 =A0 IN =A0=
> =A0 =A0A =A0 =A0 =A0 64.4.241.49</div><div><a href=3D"http://www.paypal.co=
> m">www.paypal.com</a>. =A0 =A0 =A0 =A0 300 =A0 =A0 IN =A0 =A0 =A0A =A0 =A0 =
> =A0 66.211.169.2</div>
> <div><a href=3D"http://paypal.com">paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 =
> 300 =A0 =A0 IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://ns3.isc-sns.info"=
> >ns3.isc-sns.info</a>.</div><div><a href=3D"http://paypal.com">paypal.com</=
> a>. =A0 =A0 =A0 =A0 =A0 =A0 300 =A0 =A0 IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=
> =3D"http://ns1.isc-sns.net">ns1.isc-sns.net</a>.</div>
> <div><a href=3D"http://paypal.com">paypal.com</a>. =A0 =A0 =A0 =A0 =A0 =A0 =
> 300 =A0 =A0 IN =A0 =A0 =A0NS =A0 =A0 =A0<a href=3D"http://ns2.isc-sns.com">=
> ns2.isc-sns.com</a>.</div><div>;; Received 285 bytes from 72.52.71.1#53(<a =
> href=3D"http://ns1.isc-sns.net">ns1.isc-sns.net</a>) in 174 ms</div>
> </div><div><br></div><div><br></div><div><br></div><div>Version of bind ins=
> talled :=A0bind-9.3.6-4.P1.el5_4.2</div><div>IPv6 has been disabled on the =
> host and firewall turned off during the test.=A0</div><div><br></div><div>A=
> ny toughts ?=A0</div>
> <div><br></div><div>Regards,</div><div><br></div><div>Rianto=A0</div><div><=
> br></div><div><br></div><div><br></div><div><br></div>
>
> --00163646c12e7eca910495eaeb22--
>
> --===============2929699010037471745==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> --===============2929699010037471745==--
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list