Am 2018-04-05 16:00, schrieb Josef via Unbound-users:
Hi list
What I experience is that dns queries to domains i never queried before (thus making sure the query i not cached) is "slow" on on unbound. A query to such a domain can easily take some hundreds milliseconds, whereas on the Firewall resolver, the same querry is rarely higher than 100 ms. A second querry is alway very fast (0-1 ms), which is no surprise. When I run the provided warmup script from the package (also available here: https://github.com/breadwallet/unbound/blob/master/contrib/warmup.sh) this takes about 25 - 35 seconds when run for the first time. # time /root/bin/warmup.sh ... real 0m28.128s Is this normal? What are your experiences? What could be the reason for the diverging query times on the firewall resolver and unbound?
What I did not take into account was the following: when quering for example en.wikipedia.org there is a query for the root server, for the top level domain, for the domain, and the subdomain. Using dig +trace helped me figuring out that the top level domain query takes usually the most time, some hundred ms. However, this is only the case when first quering this top level domain. This means the dns speed should increase over time because the top level domains are already in cache - which is exactly what I am experiencing.
Restart unbound query: dig en.wikipedia.org -> Query time: 622 msec query: dig de.wikipedia.org -> Query time: 109 msec query: dig fr.wikipedia.org -> Query time: 140 msec query: dig pl.wikipedia.org -> Query time: 143msec
