How to optimize dns requests

Lawrence K. Chen, P.Eng. lkchen at ksu.edu
Fri Mar 15 18:36:40 UTC 2013


Think you can only get aa if the the server is an authority....

I've been playing around with a local forward first caching server.... so I tried it.

First run:

% dig mail.com

; <<>> DiG 9.9.2-rpz.066.22-P1 <<>> mail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20016
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.com.			IN	A

;; ANSWER SECTION:
mail.com.		86400	IN	A	213.165.66.221

;; Query time: 183 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Mar 15 13:16:06 2013
;; MSG SIZE  rcvd: 53

Second run:

% dig mail.com

; <<>> DiG 9.9.2-rpz.066.22-P1 <<>> mail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51884
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.com.			IN	A

;; ANSWER SECTION:
mail.com.		86395	IN	A	213.165.66.221

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Mar 15 13:16:11 2013
;; MSG SIZE  rcvd: 53

And, when I tried some of our normal caching servers...the results were similar, with Query times of up to 3 ms.  Until I found one that hadn't cached yet it.

; <<>> DiG 9.6-ESV-R4-P1 <<>> mail.com @dns-6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61026
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.com.                      IN      A

;; ANSWER SECTION:
mail.com.               86400   IN      A       213.165.66.221

;; AUTHORITY SECTION:
mail.com.               86400   IN      NS      dns.gmx.net.
mail.com.               86400   IN      NS      ns.gmx.net.

;; Query time: 377 msec
;; SERVER: 129.130.139.154#53(129.130.139.154)
;; WHEN: Fri Mar 15 13:17:49 2013
;; MSG SIZE  rcvd: 84

Subsequent dig took 0ms.

Tried add +aaonly

; <<>> DiG 9.9.2-rpz.066.22-P1 <<>> +aaonly mail.com @dns-6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44400
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.com.			IN	A

;; ANSWER SECTION:
mail.com.		86215	IN	A	213.165.66.221

;; AUTHORITY SECTION:
mail.com.		86215	IN	NS	dns.gmx.net.
mail.com.		86215	IN	NS	ns.gmx.net.

;; Query time: 0 msec
;; SERVER: 129.130.139.154#53(129.130.139.154)
;; WHEN: Fri Mar 15 13:20:54 2013
;; MSG SIZE  rcvd: 95

but dig against one of the authority section servers....

; <<>> DiG 9.9.2-rpz.066.22-P1 <<>> mail.com @ns.gmx.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2703
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.com.			IN	A

;; ANSWER SECTION:
mail.com.		86400	IN	A	213.165.66.221

;; Query time: 120 msec
;; SERVER: 213.165.64.2#53(213.165.64.2)
;; WHEN: Fri Mar 15 13:21:05 2013
;; MSG SIZE  rcvd: 53

----- Original Message -----
> On 15.03.13 15:25, Abdellatif ... wrote:
> >I want to optimize the call to remote dns server to resolve domain
> >names
> > each time needed. What i want to do is that if the hostname is
> >requested for the first time than call the remote dns (for example
> >8.8.8.8) to resolve it, once called then recorded for later use in
> >such
> >way when next time the seem domain name is requested for resolve
> >than
> >the cached ip is grabbed without need to call remote dns to maximize
> >speed to optimize network traffic.
> 
> This is how BIND normally works.
> 
> >It doesn't seem to use the cache, here is the call of dig mail.com :
> >
> >; <<>> DiG 9.8.1-P1 <<>> mail.com
> [...]
> >;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> this is clearly a cached answer (aa flag is missing). How did you
> come to
> the conclusion that caching does not work?
> 
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Save the whales. Collect the whole set.

-- 
Who: Lawrence K. Chen, P.Eng. - W0LKC - Senior Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally
Snail: Computing and Telecommunications Services (CTS)
Kansas State University, 109 East Stadium, Manhattan, KS 66506-3102
Phone: (785) 532-4916 - Fax: (785) 532-3515 - Email: lkchen at ksu.edu
Web: http://www-personal.ksu.edu/~lkchen - Where: 11 Hale Library



More information about the bind-users mailing list