> Message: 1 > Date: Fri, 2 Sep 2011 10:05:42 +0200 > From: TMK <eng...@gmail.com> > Subject: Re: Fwd: Re: slow non-cached quries > To: bind-users@lists.isc.org > Message-ID: > <caakgotgcoqdsz2fjc8y3kl+bj1guabsb0ohoxnu+dgt8fyf...@mail.gmail.com > > Content-Type: text/plain; charset="iso-8859-1" > > On Sep 2, 2011 9:48 AM, "TMK" <eng...@gmail.com> wrote: > > > > ---------- Forwarded message ---------- > > From: "Leonard Mills" <l...@yahoo.com> > > Date: Aug 31, 2011 8:15 PM > > Subject: Re: slow non-cached quries > > To: "TMK" <eng...@gmail.com> > > > > ;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 3133 ms > > > > That pretty much is your delay. Look to your intermediate network > segments, especially any smart devices. > > > >> ________________________________ > >> From: TMK <eng...@gmail.com> > >> To: Mark Andrews <ma...@isc.org> > >> Cc: bind-us...@isc.org > >> Sent: Wednesday, August 31, 2011 4:44 AM > >> Subject: Re: slow non-cached quries > >> > >> On Tue, Aug 30, 2011 at 9:26 AM, TMK <eng...@gmail.com> wrote: > >> > >> > > >> > On Tue, Aug 30, 2011 at 6:55 AM, Mark Andrews <ma...@isc.org> wrote: > >> >> > >> >> In message <CAAKgOtgoifGPNEpHtX7++w= > cze1dpxx2degq1ppkz18dpuf...@mail.gmail.com>, > >> >> TMK writes: > >> >>> Dears, > >> >>> > >> >>> Probably this the thousand time you get these question. but our bind > server > >> >>> have slow response time for the non-cached entries. > >> >>> > >> >>> I have run dig with +trace option and below is the result > >> >>> > >> >>> ; <<>> DiG 9.8.0-P2 <<>> @127.0.0.1 www.google.com +trace > >> >>> ; (1 server found) > >> >>> ;; global options: +cmd > >> >>> . 2013 IN NS i.root-servers.net. > >> >>> . 2013 IN NS g.root-servers.net. > >> >>> . 2013 IN NS l.root-servers.net. > >> >>> . 2013 IN NS m.root-servers.net. > >> >>> . 2013 IN NS d.root-servers.net. > >> >>> . 2013 IN NS b.root-servers.net. > >> >>> . 2013 IN NS k.root-servers.net. > >> >>> . 2013 IN NS j.root-servers.net. > >> >>> . 2013 IN NS c.root-servers.net. > >> >>> . 2013 IN NS a.root-servers.net. > >> >>> . 2013 IN NS h.root-servers.net. > >> >>> . 2013 IN NS e.root-servers.net. > >> >>> . 2013 IN NS f.root-servers.net. > >> >>> ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms > >> >>> > >> >>> com. 172800 IN NS a.gtld-servers.net. > >> >>> com. 172800 IN NS b.gtld-servers.net. > >> >>> com. 172800 IN NS c.gtld-servers.net. > >> >>> com. 172800 IN NS d.gtld-servers.net. > >> >>> com. 172800 IN NS e.gtld-servers.net. > >> >>> com. 172800 IN NS f.gtld-servers.net. > >> >>> com. 172800 IN NS g.gtld-servers.net. > >> >>> com. 172800 IN NS h.gtld-servers.net. > >> >>> com. 172800 IN NS i.gtld-servers.net. > >> >>> com. 172800 IN NS j.gtld-servers.net. > >> >>> com. 172800 IN NS k.gtld-servers.net. > >> >>> com. 172800 IN NS l.gtld-servers.net. > >> >>> com. 172800 IN NS m.gtld-servers.net. > >> >>> ;; Received 492 bytes from 199.7.83.42#53(l.root-servers.net) in 175 > ms > >> >>> > >> >>> google.com. 172800 IN NS ns2.google.com. > >> >>> google.com. 172800 IN NS ns1.google.com. > >> >>> google.com. 172800 IN NS ns3.google.com. > >> >>> google.com. 172800 IN NS ns4.google.com. > >> >>> ;; Received 168 bytes from 192.5.6.30#53(a.gtld-servers.net) in 250 > ms > >> >>> > >> >>> www.google.com. 604800 IN CNAME www.l.google.com. > >> >>> www.l.google.com. 300 IN A 209.85.148.106 > >> >>> www.l.google.com. 300 IN A 209.85.148.104 > >> >>> www.l.google.com. 300 IN A 209.85.148.147 > >> >>> www.l.google.com. 300 IN A 209.85.148.99 > >> >>> www.l.google.com. 300 IN A 209.85.148.103 > >> >>> www.l.google.com. 300 IN A 209.85.148.105 > >> >>> ;; Received 148 bytes from 216.239.34.10#53(ns2.google.com) in 225 ms > >> >>> > >> >>> > >> >>> > >> >>> we are running bind version "BIND 9.8.0-P2" on CentOS release 5.6 > (Final) > >> >>> > >> >>> the process is running as mutlithreaded and consuming total of 60% of > cpu > >> >>> utilization. > >> >>> > >> >>> do we have network issue or performance bottleneck. > >> >>> > >> >>> engtmk > >> >> > >> >> To better match what a nameserver does, what does dig +trace +dnssec > show? > >> >> > >> >> dig +dnssec +trace www.google.com > >> >> > >> >> Mark > >> >> -- > >> >> Mark Andrews, ISC > >> >> 1 Seymour St., Dundas Valley, NSW 2117, Australia > >> >> PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org > >> >> > >> > > >> > Hi Mark, > >> > > >> > here is the output of the command > >> > > >> > dig @127.0.0.1 www.google.com +trace +dnssec > >> > > >> > ; <<>> DiG 9.8.0-P2 <<>> @127.0.0.1 www.google.com +trace +dnssec > >> > ; (1 server found) > >> > ;; global options: +cmd > >> > . 3600000 IN NS F.ROOT-SERVERS.NET. > >> > . 3600000 IN NS A.ROOT-SERVERS.NET. > >> > . 3600000 IN NS C.ROOT-SERVERS.NET. > >> > . 3600000 IN NS J.ROOT-SERVERS.NET. > >> > . 3600000 IN NS B.ROOT-SERVERS.NET. > >> > . 3600000 IN NS K.ROOT-SERVERS.NET. > >> > . 3600000 IN NS E.ROOT-SERVERS.NET. > >> > . 3600000 IN NS D.ROOT-SERVERS.NET. > >> > . 3600000 IN NS G.ROOT-SERVERS.NET. > >> > . 3600000 IN NS L.ROOT-SERVERS.NET. > >> > . 3600000 IN NS M.ROOT-SERVERS.NET. > >> > . 3600000 IN NS I.ROOT-SERVERS.NET. > >> > . 3600000 IN NS H.ROOT-SERVERS.NET. > >> > ;; Received 255 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms > >> > > >> > com. 172800 IN NS f.gtld-servers.net. > >> > com. 172800 IN NS m.gtld-servers.net. > >> > com. 172800 IN NS g.gtld-servers.net. > >> > com. 172800 IN NS h.gtld-servers.net. > >> > com. 172800 IN NS e.gtld-servers.net. > >> > com. 172800 IN NS i.gtld-servers.net. > >> > com. 172800 IN NS a.gtld-servers.net. > >> > com. 172800 IN NS c.gtld-servers.net. > >> > com. 172800 IN NS j.gtld-servers.net. > >> > com. 172800 IN NS k.gtld-servers.net. > >> > com. 172800 IN NS l.gtld-servers.net. > >> > com. 172800 IN NS d.gtld-servers.net. > >> > com. 172800 IN NS b.gtld-servers.net. > >> > com. 86400 IN DS 30909 8 2 > >> > E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766 > >> > com. 86400 IN RRSIG DS 8 1 86400 > 20110906000000 20110829230000 39283 > >> > . FMBZuvFdyUZayOFWU4oa6qZKMu0lBn9Pn/6UH6PXmvfdJlS8VZbX4zYe > >> > v0SGIWwA+cY3LGrICltTHfeZ0/eVfW6L0qzlT8o9EnSQgZ0ZyvqYrmIy > >> > S30lwE/WobQVJSC9+ADyO2KNVw4Rpn570X5hTHeDnymoaiI4WxOBipIi v5I= > >> > ;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 3133 > ms > >> > > >> > ;; reply from unexpected source: 198.41.0.4#53, expected > 192.54.112.30#53 > >> > ;; Warning: ID mismatch: expected ID 64144, got 28413 > >> > google.com. 172800 IN NS ns2.google.com. > >> > google.com. 172800 IN NS ns1.google.com. > >> > google.com. 172800 IN NS ns3.google.com. > >> > google.com. 172800 IN NS ns4.google.com. > >> > CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - > >> > CK6RMF8AE5PU47R8P3AL6T4Q26TL26S7 NS SOA RRSIG DNSKEY NSEC3PARAM > >> > CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 > >> > 20110906040911 20110830025911 41798 com. > >> > Q+Oxc56WTwwyYy8hwvK+8883fMBCk5P3zkCCn6R0zXbjL666jzIQ3Fqx > >> > hRY+f1DL/Mm4HVw7HY4rE1bAJ61iajFxMyys6P0fEGqx9jBM9gO/siE7 > >> > rTQilWZWwBFILlIggZFCt2Cpz0mJIplmJ4Ha5Anzp9Gt5f/TyBB3vu9c RKI= > >> > S80V6798LSRQS3HJ5JTSO7N1LKSVIAT8.com. 86400 IN NSEC3 1 1 0 - > >> > S8DHL9ICBS92G7KQAJCVT1CUQMAB9U5D NS DS RRSIG > >> > S80V6798LSRQS3HJ5JTSO7N1LKSVIAT8.com. 86400 IN RRSIG NSEC3 8 2 86400 > >> > 20110906061156 20110830050156 41798 com. > >> > OhtpbDJaFRivIbgQKiFy7NXXfZszjX3TxVmZG2pfTDQNP30kkw0w23IG > >> > g57fMUpevAulJefCMKyPmCf+HJHVTBdH08i5rv97EZgo9oR0yvGlFn6J > >> > I8bngApoNqmIhvkwZpbxF1iamCp1SDuep7XMLpGq6EhvpwV+vlAwms9N EIU= > >> > ;; Received 664 bytes from 192.54.112.30#53(h.gtld-servers.net) in 215 > ms > >> > > >> > www.google.com. 604800 IN CNAME www.l.google.com. > >> > www.l.google.com. 300 IN A 74.125.39.147 > >> > www.l.google.com. 300 IN A 74.125.39.104 > >> > www.l.google.com. 300 IN A 74.125.39.106 > >> > www.l.google.com. 300 IN A 74.125.39.105 > >> > www.l.google.com. 300 IN A 74.125.39.99 > >> > www.l.google.com. 300 IN A 74.125.39.103 > >> > ;; Received 148 bytes from 216.239.34.10#53(ns2.google.com) in 158 ms > >> > > >> > Regards, > >> > engtmk > >> > > >> > >> dears any help would be much appreciated > >> _______________________________________________ > >> Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > >> > >> bind-users mailing list > >> bind-users@lists.isc.org > >> https://lists.isc.org/mailman/listinfo/bind-users > >> > >> > > Would creating master cash DNS and configure all other cache DNS to only > forward requests to it would solve this issue > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < https://lists.isc.org/pipermail/bind-users/attachments/20110902/480ecaaa/attachment-0001.html > > > ------------------------------ > > Message: 2 > Date: Fri, 2 Sep 2011 10:35:54 +0200 > From: Matus UHLAR - fantomas <uh...@fantomas.sk> > Subject: Re: Fwd: Re: slow non-cached quries > To: bind-users@lists.isc.org > Message-ID: <20110902083553.gb10...@fantomas.sk> > Content-Type: text/plain; charset=us-ascii; format=flowed > > >> From: "Leonard Mills" <l...@yahoo.com> > >> Date: Aug 31, 2011 8:15 PM > >> Subject: Re: slow non-cached quries > >> To: "TMK" <eng...@gmail.com> > >> > >> ;; Received 738 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 3133 ms > >> > >> That pretty much is your delay. Look to your intermediate network > >>segments, especially any smart devices. > > On 02.09.11 10:05, TMK wrote: > >Would creating master cash DNS and configure all other cache DNS to only > >forward requests to it would solve this issue > > that could make things faster but also more complicated. > Is there any reason to use more caches instead of two (to have working > DNS when one fails) and using those from anywhere? > > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Spam = (S)tupid (P)eople's (A)dvertising (M)ethod > > > -----------------
Actually we have around 6 servers. All I need to do is to reduce the response time for the uncached responses as much as possible. So will the master cache server save maybe 200 sec of the response time which is good number is there any other way to force my server to contact gtld servers closer to its geoloc in Africa to reduce the round trip times is that possible
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
