<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
<p style="margin-top:0;margin-bottom:0"><span style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt;">Hello,</span><br>
</p>
<div style="color: rgb(0, 0, 0);">
<div dir="ltr">
<div id="x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:#000000; font-family:Calibri,Helvetica,sans-serif">
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">I am researching an issue we are seeing with significant volumes of DNS traffic being sent to non-local forwarders. I think I understand how the srtt algorithm works, but I am seeing more traffic going to the non-local
forwarders than I was expecting.</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">To give you some context, we have 2 forwarders in the UK and 2 in Hong Kong, all 4 servers are responsible for outbound internet resolution. We also have a number of resolving servers (in the UK and Hong Kong) that have
these 4 servers listed in their local "forwarders" statement, so I am expecting the HK resolvers to forward mainly to the 2 local HK forwarders, with the occasional query out to the 2 UK forwarders so that the rtt can be measured.</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">When I do a packet capture on a Hong Kong resolver, over a 5 minute period, 22% of all packets captured are DNS queries being forwarded to the local HK forwarders, and 14% of the packets captured are being sent to the
UK forwarders - this seems high to me. I had always believed that the number of queries sent to non-local forwarders would be a lot lower, but from looking into this in detail this doesn't seem to be the case.</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">When I do a ping from Honk Kong, the rtt to the UK forwarders is 180-190ms, in contrast the local HK forwarder rtt is <1ms. <span style="font-size:12pt">I can see from dumping the cache on the HK resolver that the rtt
is indeed much lower to the HK servers:</span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-size:12pt"><br>
</span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-size:12pt"></span></p>
<p class="x_MsoNormal"><span style="color:#1F497D">; 10.<i><HK IP></i> [<span style="background: rgb(255, 255, 255);">srtt 478560</span>] [flags 00004000] [edns 146/5/4/4/4] [plain 0/0] [udpsize 2448] [ttl -1033437]</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D">; 10.<i><HK IP></i> [<span style="background: rgb(255, 255, 255);">srtt 648550</span>] [flags 00004000] [edns 153/4/4/4/4] [plain 0/0] [udpsize 2270] [ttl -1033437]</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D">; 10.<i><UK IP></i> [<span style="background: rgb(255, 255, 255);">srtt 2774590</span>] [flags 00004000] [edns 133/4/4/4/2] [plain 0/0] [udpsize 1160] [ttl -1033437]</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D">; 10.<i><UK IP></i> [<span style="background: rgb(255, 255, 255);">srtt 3477510</span>] [flags 00004000] [edns 170/6/6/6/4] [plain 0/0] [udpsize 1012] [ttl -1033437]</span></p>
<p></p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">I did some digging and came across this presentation: <a href="https://www.nanog.org/meetings/nanog54/presentations/Tuesday/Yu.pdf" class="x_OWAAutoLink" id="LPlnk594797" previewremoved="true">https://www.nanog.org/meetings/nanog54/presentations/Tuesday/Yu.pdf</a></p>
<br>
<p style="margin-top:0; margin-bottom:0">This seems to imply on slide 16 that with lower query rates, BIND 9.8 has a habit of sending fairly significant volumes to DNS servers with higher rtts. I am wondering if this is still the case in BIND 9.10 or 9.11 and
whether there is anything that can be done about it?</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">In BIND 8 I think we could have used the topology statement to influence the behaviour but I gather that is not an option in BIND 9?</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">Is there a solution to this because the slow responses back from the UK are impacting application performance for users in HK?</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">We need to keep the UK servers as part of the configuration for failover/redundancy, removing them is not an option.</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">Thanks,</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">Paul</p>
<div id="x_Signature">
<div id="x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:rgb(0,0,0); font-family:Calibri,Helvetica,sans-serif,EmojiFont,"Apple Color Emoji","Segoe UI Emoji",NotoColorEmoji,"Segoe UI Symbol","Android Emoji",EmojiSymbols">
<p></p>
<div style="color:rgb(33,33,33); font-family:wf_segoe-ui_normal,"Segoe UI","Segoe WP",Tahoma,Arial,sans-serif,serif,EmojiFont; font-size:15px">
<br>
</div>
<div style="color:rgb(33,33,33); font-family:wf_segoe-ui_normal,"Segoe UI","Segoe WP",Tahoma,Arial,sans-serif,serif,EmojiFont; font-size:15px">
Paul Roberts<br>
</div>
<div style="color:rgb(33,33,33); font-family:wf_segoe-ui_normal,"Segoe UI","Segoe WP",Tahoma,Arial,sans-serif,serif,EmojiFont; font-size:15px">
Calleva Networks Ltd.<br>
</div>
<div style="color:rgb(33,33,33); font-family:wf_segoe-ui_normal,"Segoe UI","Segoe WP",Tahoma,Arial,sans-serif,serif,EmojiFont; font-size:15px">
Email: paul@callevanetworks.com<br>
</div>
<div style="color:rgb(33,33,33); font-family:wf_segoe-ui_normal,"Segoe UI","Segoe WP",Tahoma,Arial,sans-serif,serif,EmojiFont; font-size:15px">
<br>
</div>
<br>
<p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>