slow non-cached quries

TMK engtmk at gmail.com
Tue Aug 30 07:26:10 UTC 2011


Tamer Mohamed
NOC engineer
LinkdotNet



On Tue, Aug 30, 2011 at 6:55 AM, Mark Andrews <marka at isc.org> wrote:
>
> In message <CAAKgOtgoifGPNEpHtX7++w=CZE1dPxX2DeGQ1PpkZ18dpuFPzA at mail.gmail.com>,
>  TMK writes:
>> Dears,
>>
>> Probably this the thousand time you get these question. but our bind server
>> have slow response time for the non-cached entries.
>>
>> I have run dig with +trace option and below is the result
>>
>> ; <<>> DiG 9.8.0-P2 <<>> @127.0.0.1 www.google.com +trace
>> ; (1 server found)
>> ;; global options: +cmd
>> . 2013 IN NS i.root-servers.net.
>> . 2013 IN NS g.root-servers.net.
>> . 2013 IN NS l.root-servers.net.
>> . 2013 IN NS m.root-servers.net.
>> . 2013 IN NS d.root-servers.net.
>> . 2013 IN NS b.root-servers.net.
>> . 2013 IN NS k.root-servers.net.
>> . 2013 IN NS j.root-servers.net.
>> . 2013 IN NS c.root-servers.net.
>> . 2013 IN NS a.root-servers.net.
>> . 2013 IN NS h.root-servers.net.
>> . 2013 IN NS e.root-servers.net.
>> . 2013 IN NS f.root-servers.net.
>> ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
>>
>> com. 172800 IN NS a.gtld-servers.net.
>> com. 172800 IN NS b.gtld-servers.net.
>> com. 172800 IN NS c.gtld-servers.net.
>> com. 172800 IN NS d.gtld-servers.net.
>> com. 172800 IN NS e.gtld-servers.net.
>> com. 172800 IN NS f.gtld-servers.net.
>> com. 172800 IN NS g.gtld-servers.net.
>> com. 172800 IN NS h.gtld-servers.net.
>> com. 172800 IN NS i.gtld-servers.net.
>> com. 172800 IN NS j.gtld-servers.net.
>> com. 172800 IN NS k.gtld-servers.net.
>> com. 172800 IN NS l.gtld-servers.net.
>> com. 172800 IN NS m.gtld-servers.net.
>> ;; Received 492 bytes from 199.7.83.42#53(l.root-servers.net) in 175 ms
>>
>> google.com. 172800 IN NS ns2.google.com.
>> google.com. 172800 IN NS ns1.google.com.
>> google.com. 172800 IN NS ns3.google.com.
>> google.com. 172800 IN NS ns4.google.com.
>> ;; Received 168 bytes from 192.5.6.30#53(a.gtld-servers.net) in 250 ms
>>
>> www.google.com. 604800 IN CNAME www.l.google.com.
>> www.l.google.com. 300 IN A 209.85.148.106
>> www.l.google.com. 300 IN A 209.85.148.104
>> www.l.google.com. 300 IN A 209.85.148.147
>> www.l.google.com. 300 IN A 209.85.148.99
>> www.l.google.com. 300 IN A 209.85.148.103
>> www.l.google.com. 300 IN A 209.85.148.105
>> ;; Received 148 bytes from 216.239.34.10#53(ns2.google.com) in 225 ms
>>
>>
>>
>> we are running bind version "BIND 9.8.0-P2" on CentOS release 5.6 (Final)
>>
>> the process is running as mutlithreaded and consuming total of 60% of cpu
>> utilization.
>>
>> do we have network issue or performance bottleneck.
>>
>> engtmk
>
> To better match what a nameserver does, what does dig +trace +dnssec show?
>
>        dig +dnssec +trace www.google.com
>
> Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
>

Hi Mark,

here is the output of the command

dig @127.0.0.1 www.google.com +trace +dnssec

; <<>> DiG 9.8.0-P2 <<>> @127.0.0.1 www.google.com +trace +dnssec
; (1 server found)
;; global options: +cmd
.			3600000	IN	NS	F.ROOT-SERVERS.NET.
.			3600000	IN	NS	A.ROOT-SERVERS.NET.
.			3600000	IN	NS	C.ROOT-SERVERS.NET.
.			3600000	IN	NS	J.ROOT-SERVERS.NET.
.			3600000	IN	NS	B.ROOT-SERVERS.NET.
.			3600000	IN	NS	K.ROOT-SERVERS.NET.
.			3600000	IN	NS	E.ROOT-SERVERS.NET.
.			3600000	IN	NS	D.ROOT-SERVERS.NET.
.			3600000	IN	NS	G.ROOT-SERVERS.NET.
.			3600000	IN	NS	L.ROOT-SERVERS.NET.
.			3600000	IN	NS	M.ROOT-SERVERS.NET.
.			3600000	IN	NS	I.ROOT-SERVERS.NET.
.			3600000	IN	NS	H.ROOT-SERVERS.NET.
;; Received 255 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			86400	IN	DS	30909 8 2
E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.			86400	IN	RRSIG	DS 8 1 86400 20110906000000 20110829230000 39283
. FMBZuvFdyUZayOFWU4oa6qZKMu0lBn9Pn/6UH6PXmvfdJlS8VZbX4zYe
v0SGIWwA+cY3LGrICltTHfeZ0/eVfW6L0qzlT8o9EnSQgZ0ZyvqYrmIy
S30lwE/WobQVJSC9+ADyO2KNVw4Rpn570X5hTHeDnymoaiI4WxOBipIi v5I=
;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 3133 ms

;; reply from unexpected source: 198.41.0.4#53, expected 192.54.112.30#53
;; Warning: ID mismatch: expected ID 64144, got 28413
google.com.		172800	IN	NS	ns2.google.com.
google.com.		172800	IN	NS	ns1.google.com.
google.com.		172800	IN	NS	ns3.google.com.
google.com.		172800	IN	NS	ns4.google.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 -
CK6RMF8AE5PU47R8P3AL6T4Q26TL26S7 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400
20110906040911 20110830025911 41798 com.
Q+Oxc56WTwwyYy8hwvK+8883fMBCk5P3zkCCn6R0zXbjL666jzIQ3Fqx
hRY+f1DL/Mm4HVw7HY4rE1bAJ61iajFxMyys6P0fEGqx9jBM9gO/siE7
rTQilWZWwBFILlIggZFCt2Cpz0mJIplmJ4Ha5Anzp9Gt5f/TyBB3vu9c RKI=
S80V6798LSRQS3HJ5JTSO7N1LKSVIAT8.com. 86400 IN NSEC3 1 1 0 -
S8DHL9ICBS92G7KQAJCVT1CUQMAB9U5D NS DS RRSIG
S80V6798LSRQS3HJ5JTSO7N1LKSVIAT8.com. 86400 IN RRSIG NSEC3 8 2 86400
20110906061156 20110830050156 41798 com.
OhtpbDJaFRivIbgQKiFy7NXXfZszjX3TxVmZG2pfTDQNP30kkw0w23IG
g57fMUpevAulJefCMKyPmCf+HJHVTBdH08i5rv97EZgo9oR0yvGlFn6J
I8bngApoNqmIhvkwZpbxF1iamCp1SDuep7XMLpGq6EhvpwV+vlAwms9N EIU=
;; Received 664 bytes from 192.54.112.30#53(h.gtld-servers.net) in 215 ms

www.google.com.		604800	IN	CNAME	www.l.google.com.
www.l.google.com.	300	IN	A	74.125.39.147
www.l.google.com.	300	IN	A	74.125.39.104
www.l.google.com.	300	IN	A	74.125.39.106
www.l.google.com.	300	IN	A	74.125.39.105
www.l.google.com.	300	IN	A	74.125.39.99
www.l.google.com.	300	IN	A	74.125.39.103
;; Received 148 bytes from 216.239.34.10#53(ns2.google.com) in 158 ms

Regards,
engtmk



More information about the bind-users mailing list