slow non-cached quries

TMK engtmk at gmail.com
Sat Sep 3 12:06:32 UTC 2011


> Message: 1
> Date: Fri, 2 Sep 2011 10:05:42 +0200
> From: TMK <engtmk at gmail.com>
> Subject: Re: Fwd: Re: slow non-cached quries
> To: bind-users at lists.isc.org
> Message-ID:
>        <CAAKgOtgCoQdSZ2FJC8Y3kL+bj1gUabSB0ohoxnu+DgT8fyF0Hg at mail.gmail.com
>
> Content-Type: text/plain; charset="iso-8859-1"
>
> On Sep 2, 2011 9:48 AM, "TMK" <engtmk at gmail.com> wrote:
> >
> > ---------- Forwarded message ----------
> > From: "Leonard Mills" <lenm at yahoo.com>
> > Date: Aug 31, 2011 8:15 PM
> > Subject: Re: slow non-cached quries
> > To: "TMK" <engtmk at gmail.com>
> >
> > ;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 3133
ms
> >
> > That pretty much is your delay.  Look to your intermediate network
> segments, especially any smart devices.
> >
> >> ________________________________
> >> From: TMK <engtmk at gmail.com>
> >> To: Mark Andrews <marka at isc.org>
> >> Cc: bind-users at isc.org
> >> Sent: Wednesday, August 31, 2011 4:44 AM
> >> Subject: Re: slow non-cached quries
> >>
> >> On Tue, Aug 30, 2011 at 9:26 AM, TMK <engtmk at gmail.com> wrote:
> >>
> >> >
> >> > On Tue, Aug 30, 2011 at 6:55 AM, Mark Andrews <marka at isc.org> wrote:
> >> >>
> >> >> In message <CAAKgOtgoifGPNEpHtX7++w=
> CZE1dPxX2DeGQ1PpkZ18dpuFPzA at mail.gmail.com>,
> >> >>  TMK writes:
> >> >>> Dears,
> >> >>>
> >> >>> Probably this the thousand time you get these question. but our
bind
> server
> >> >>> have slow response time for the non-cached entries.
> >> >>>
> >> >>> I have run dig with +trace option and below is the result
> >> >>>
> >> >>> ; <<>> DiG 9.8.0-P2 <<>> @127.0.0.1 www.google.com +trace
> >> >>> ; (1 server found)
> >> >>> ;; global options: +cmd
> >> >>> . 2013 IN NS i.root-servers.net.
> >> >>> . 2013 IN NS g.root-servers.net.
> >> >>> . 2013 IN NS l.root-servers.net.
> >> >>> . 2013 IN NS m.root-servers.net.
> >> >>> . 2013 IN NS d.root-servers.net.
> >> >>> . 2013 IN NS b.root-servers.net.
> >> >>> . 2013 IN NS k.root-servers.net.
> >> >>> . 2013 IN NS j.root-servers.net.
> >> >>> . 2013 IN NS c.root-servers.net.
> >> >>> . 2013 IN NS a.root-servers.net.
> >> >>> . 2013 IN NS h.root-servers.net.
> >> >>> . 2013 IN NS e.root-servers.net.
> >> >>> . 2013 IN NS f.root-servers.net.
> >> >>> ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
> >> >>>
> >> >>> com. 172800 IN NS a.gtld-servers.net.
> >> >>> com. 172800 IN NS b.gtld-servers.net.
> >> >>> com. 172800 IN NS c.gtld-servers.net.
> >> >>> com. 172800 IN NS d.gtld-servers.net.
> >> >>> com. 172800 IN NS e.gtld-servers.net.
> >> >>> com. 172800 IN NS f.gtld-servers.net.
> >> >>> com. 172800 IN NS g.gtld-servers.net.
> >> >>> com. 172800 IN NS h.gtld-servers.net.
> >> >>> com. 172800 IN NS i.gtld-servers.net.
> >> >>> com. 172800 IN NS j.gtld-servers.net.
> >> >>> com. 172800 IN NS k.gtld-servers.net.
> >> >>> com. 172800 IN NS l.gtld-servers.net.
> >> >>> com. 172800 IN NS m.gtld-servers.net.
> >> >>> ;; Received 492 bytes from 199.7.83.42#53(l.root-servers.net) in
175
> ms
> >> >>>
> >> >>> google.com. 172800 IN NS ns2.google.com.
> >> >>> google.com. 172800 IN NS ns1.google.com.
> >> >>> google.com. 172800 IN NS ns3.google.com.
> >> >>> google.com. 172800 IN NS ns4.google.com.
> >> >>> ;; Received 168 bytes from 192.5.6.30#53(a.gtld-servers.net) in 250
> ms
> >> >>>
> >> >>> www.google.com. 604800 IN CNAME www.l.google.com.
> >> >>> www.l.google.com. 300 IN A 209.85.148.106
> >> >>> www.l.google.com. 300 IN A 209.85.148.104
> >> >>> www.l.google.com. 300 IN A 209.85.148.147
> >> >>> www.l.google.com. 300 IN A 209.85.148.99
> >> >>> www.l.google.com. 300 IN A 209.85.148.103
> >> >>> www.l.google.com. 300 IN A 209.85.148.105
> >> >>> ;; Received 148 bytes from 216.239.34.10#53(ns2.google.com) in 225
ms
> >> >>>
> >> >>>
> >> >>>
> >> >>> we are running bind version "BIND 9.8.0-P2" on CentOS release 5.6
> (Final)
> >> >>>
> >> >>> the process is running as mutlithreaded and consuming total of 60%
of
> cpu
> >> >>> utilization.
> >> >>>
> >> >>> do we have network issue or performance bottleneck.
> >> >>>
> >> >>> engtmk
> >> >>
> >> >> To better match what a nameserver does, what does dig +trace +dnssec
> show?
> >> >>
> >> >>        dig +dnssec +trace www.google.com
> >> >>
> >> >> Mark
> >> >> --
> >> >> Mark Andrews, ISC
> >> >> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> >> >> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> >> >>
> >> >
> >> > Hi Mark,
> >> >
> >> > here is the output of the command
> >> >
> >> > dig @127.0.0.1 www.google.com +trace +dnssec
> >> >
> >> > ; <<>> DiG 9.8.0-P2 <<>> @127.0.0.1 www.google.com +trace +dnssec
> >> > ; (1 server found)
> >> > ;; global options: +cmd
> >> > .                       3600000 IN      NS      F.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      A.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      C.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      J.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      B.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      K.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      E.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      D.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      G.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      L.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      M.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      I.ROOT-SERVERS.NET.
> >> > .                       3600000 IN      NS      H.ROOT-SERVERS.NET.
> >> > ;; Received 255 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
> >> >
> >> > com.                    172800  IN      NS      f.gtld-servers.net.
> >> > com.                    172800  IN      NS      m.gtld-servers.net.
> >> > com.                    172800  IN      NS      g.gtld-servers.net.
> >> > com.                    172800  IN      NS      h.gtld-servers.net.
> >> > com.                    172800  IN      NS      e.gtld-servers.net.
> >> > com.                    172800  IN      NS      i.gtld-servers.net.
> >> > com.                    172800  IN      NS      a.gtld-servers.net.
> >> > com.                    172800  IN      NS      c.gtld-servers.net.
> >> > com.                    172800  IN      NS      j.gtld-servers.net.
> >> > com.                    172800  IN      NS      k.gtld-servers.net.
> >> > com.                    172800  IN      NS      l.gtld-servers.net.
> >> > com.                    172800  IN      NS      d.gtld-servers.net.
> >> > com.                    172800  IN      NS      b.gtld-servers.net.
> >> > com.                    86400   IN      DS      30909 8 2
> >> > E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
> >> > com.                    86400   IN      RRSIG   DS 8 1 86400
> 20110906000000 20110829230000 39283
> >> > . FMBZuvFdyUZayOFWU4oa6qZKMu0lBn9Pn/6UH6PXmvfdJlS8VZbX4zYe
> >> > v0SGIWwA+cY3LGrICltTHfeZ0/eVfW6L0qzlT8o9EnSQgZ0ZyvqYrmIy
> >> > S30lwE/WobQVJSC9+ADyO2KNVw4Rpn570X5hTHeDnymoaiI4WxOBipIi v5I=
> >> > ;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in
3133
> ms
> >> >
> >> > ;; reply from unexpected source: 198.41.0.4#53, expected
> 192.54.112.30#53
> >> > ;; Warning: ID mismatch: expected ID 64144, got 28413
> >> > google.com.             172800  IN      NS      ns2.google.com.
> >> > google.com.             172800  IN      NS      ns1.google.com.
> >> > google.com.             172800  IN      NS      ns3.google.com.
> >> > google.com.             172800  IN      NS      ns4.google.com.
> >> > CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 -
> >> > CK6RMF8AE5PU47R8P3AL6T4Q26TL26S7 NS SOA RRSIG DNSKEY NSEC3PARAM
> >> > CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400
> >> > 20110906040911 20110830025911 41798 com.
> >> > Q+Oxc56WTwwyYy8hwvK+8883fMBCk5P3zkCCn6R0zXbjL666jzIQ3Fqx
> >> > hRY+f1DL/Mm4HVw7HY4rE1bAJ61iajFxMyys6P0fEGqx9jBM9gO/siE7
> >> > rTQilWZWwBFILlIggZFCt2Cpz0mJIplmJ4Ha5Anzp9Gt5f/TyBB3vu9c RKI=
> >> > S80V6798LSRQS3HJ5JTSO7N1LKSVIAT8.com. 86400 IN NSEC3 1 1 0 -
> >> > S8DHL9ICBS92G7KQAJCVT1CUQMAB9U5D NS DS RRSIG
> >> > S80V6798LSRQS3HJ5JTSO7N1LKSVIAT8.com. 86400 IN RRSIG NSEC3 8 2 86400
> >> > 20110906061156 20110830050156 41798 com.
> >> > OhtpbDJaFRivIbgQKiFy7NXXfZszjX3TxVmZG2pfTDQNP30kkw0w23IG
> >> > g57fMUpevAulJefCMKyPmCf+HJHVTBdH08i5rv97EZgo9oR0yvGlFn6J
> >> > I8bngApoNqmIhvkwZpbxF1iamCp1SDuep7XMLpGq6EhvpwV+vlAwms9N EIU=
> >> > ;; Received 664 bytes from 192.54.112.30#53(h.gtld-servers.net) in
215
> ms
> >> >
> >> > www.google.com.         604800  IN      CNAME   www.l.google.com.
> >> > www.l.google.com.       300     IN      A       74.125.39.147
> >> > www.l.google.com.       300     IN      A       74.125.39.104
> >> > www.l.google.com.       300     IN      A       74.125.39.106
> >> > www.l.google.com.       300     IN      A       74.125.39.105
> >> > www.l.google.com.       300     IN      A       74.125.39.99
> >> > www.l.google.com.       300     IN      A       74.125.39.103
> >> > ;; Received 148 bytes from 216.239.34.10#53(ns2.google.com) in 158 ms
> >> >
> >> > Regards,
> >> > engtmk
> >> >
> >>
> >> dears any help would be much appreciated
> >> _______________________________________________
> >> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> >>
> >> bind-users mailing list
> >> bind-users at lists.isc.org
> >> https://lists.isc.org/mailman/listinfo/bind-users
> >>
> >>
>
> Would creating master cash DNS and configure all other cache DNS to only
> forward requests to it would solve this issue
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
https://lists.isc.org/pipermail/bind-users/attachments/20110902/480ecaaa/attachment-0001.html
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 2 Sep 2011 10:35:54 +0200
> From: Matus UHLAR - fantomas <uhlar at fantomas.sk>
> Subject: Re: Fwd: Re: slow non-cached quries
> To: bind-users at lists.isc.org
> Message-ID: <20110902083553.GB10266 at fantomas.sk>
> Content-Type: text/plain; charset=us-ascii; format=flowed
>
> >> From: "Leonard Mills" <lenm at yahoo.com>
> >> Date: Aug 31, 2011 8:15 PM
> >> Subject: Re: slow non-cached quries
> >> To: "TMK" <engtmk at gmail.com>
> >>
> >> ;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 3133
ms
> >>
> >> That pretty much is your delay.  Look to your intermediate network
> >>segments, especially any smart devices.
>
> On 02.09.11 10:05, TMK wrote:
> >Would creating master cash DNS and configure all other cache DNS to only
> >forward requests to it would solve this issue
>
> that could make things faster but also more complicated.
> Is there any reason to use more caches instead of two (to have working
> DNS when one fails) and using those from anywhere?
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Spam = (S)tupid (P)eople's (A)dvertising (M)ethod
>
>
> -----------------

Actually we have around 6 servers. All I need to do is to reduce the
response time for the uncached responses as much as possible. So will the
master cache server save maybe 200 sec of the response time which is good
number is there any other way to force my server to contact gtld servers
closer to its geoloc in Africa to reduce the round trip times is that
possible
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110903/b2698989/attachment.html>


More information about the bind-users mailing list