Am 2018-04-05 16:00, schrieb Josef via Unbound-users:
What I experience is that dns queries to domains i never queried
before (thus making sure the query i not cached) is "slow" on on
A query to such a domain can easily take some hundreds milliseconds,
whereas on the Firewall resolver, the same querry is rarely higher
than 100 ms.
A second querry is alway very fast (0-1 ms), which is no surprise.
When I run the provided warmup script from the package (also available
this takes about 25 - 35 seconds when run for the first time.
# time /root/bin/warmup.sh
Is this normal? What are your experiences? What could be the reason
for the diverging query times on the firewall resolver and unbound?
What I did not take into account was the following: when quering for
example en.wikipedia.org there is a query for the root server, for the
top level domain, for the domain, and the subdomain. Using dig +trace
helped me figuring out that the top level domain query takes usually the
most time, some hundred ms. However, this is only the case when first
quering this top level domain. This means the dns speed should increase
over time because the top level domains are already in cache - which is
exactly what I am experiencing.
query: dig en.wikipedia.org -> Query time: 622 msec
query: dig de.wikipedia.org -> Query time: 109 msec
query: dig fr.wikipedia.org -> Query time: 140 msec
query: dig pl.wikipedia.org -> Query time: 143msec