44net-request(a)hamradio.ucsd.edu wrote:
> Subject: Re: [44net] Performance of DNS
> From: Brian Kantor <Brian(a)UCSD.Edu>
> Date: 08/05/2014 07:21 PM
> To: AMPRNet working group <44net(a)hamradio.ucsd.edu>
>
> On Tue, Aug 05, 2014 at 07:14:12PM +0200, Rob Janssen wrote:
>> I often experience relatively slow lookups of DNS records in .ampr.org and 44.in-addr.arpa.
> It can be instructive to use the 'dig' '+trace' option to do lookups
> as that will give you timing results as the query descends the tree.
> That way you can get an idea of where the delay may be. Together with
> the '@' option to direct your query to a particular nameserver you might
> be able to identify the bottleneck when it occurs.
> - Brian
>
I did some testing and I find that the two servers closest to me (in DE and UK) return
results very quickly, under 80ms, while munnari.OZ.AU is very slow; it takes a second per query.
Of course it is on the other end of the world; the ping time is 350ms.
The lookups of org and ampr (when not in cache) also take 300ms each, so in total
a lookup takes quite some time.
When I trick the whole thing using these bind9 zones in my local caching resolver:

    zone "ampr.org" IN {
        type forward;
        forward first;
        forwarders { 192.109.42.4; 195.66.148.101; };
    };
    zone "44.in-addr.arpa" IN {
        type forward;
        forward first;
        forwarders { 192.109.42.4; 195.66.148.101; };
    };

everything is very very fast. Of course this is to be expected, as the tree lookups
are no longer required and the fastest (for me) servers are used first.
But of course it is a dirty trick, and it will fail when those servers change address.
It looks like bind does not remember performance of DNS servers as it does for forwarders,
or when it does it may have forgotten that info by the time it is required again and therefore
does not use only the fastest servers?
Rob
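
Added example, not part of the original messages: a small filter for the 'dig +trace' approach suggested in the quoted reply above, listing the time of each delegation step and naming the slowest one. The sample trace is constructed (the 192.0.2.x addresses, the .example server names, host.ampr.org and the timings are placeholders chosen to resemble the figures reported above).

```shell
#!/bin/sh
# Added example: summarise per-step latency from `dig +trace` output on stdin.
# Every delegation step in the trace ends with a line of the form
#   ;; Received <n> bytes from <ip>#<port>(<server>) in <t> ms
trace_hops() {
    awk '
        /^;; Received [0-9]+ bytes from / {
            # Field 6 is "<ip>#<port>(<server>)", field 8 is the time in ms.
            srv = $6
            sub(/^.*\(/, "", srv)
            sub(/\)$/, "", srv)
            hop++
            total += $8
            printf "%d %s %d\n", hop, srv, $8
            # Track the slowest step; hop == 1 seeds the maximum.
            if (hop == 1 || $8 + 0 > max) { max = $8 + 0; slow = srv }
        }
        END {
            if (hop) printf "total %d ms, slowest %s (%d ms)\n", total, slow, max
        }'
}

# Constructed sample, not captured output: record lines are abbreviated and
# all addresses, .example names and timings are placeholders.
SAMPLE_TRACE='.                  518400 IN NS root.example.
;; Received 239 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms

org.               172800 IN NS org-ns.example.
;; Received 815 bytes from 192.0.2.1#53(root.example) in 300 ms

ampr.org.          86400  IN NS munnari.OZ.AU.
;; Received 612 bytes from 192.0.2.2#53(org-ns.example) in 300 ms

host.ampr.org.     3600   IN A  192.0.2.44
;; Received 59 bytes from 192.0.2.3#53(munnari.OZ.AU) in 1000 ms'

# Offline demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_TRACE" | trace_hops

# Live use:            dig +trace af6hf.ampr.org | trace_hops
# One server directly: dig @192.109.42.4 ampr.org SOA
```

A step that is slow on a first run and fast on a repeat points at cache expiry (the one-hour TTL mentioned in this thread) rather than at a permanently slow server.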

I'm presently seeking recommendations for a consumer grade home router that
will work as both a vpn client and vpn server for PPTP, L2TP, OpenVPN, and
IPSEC protocols. Support for plain GRE would be useful as well. The
router should be easy to configure with a fill in the boxes and check marks
type web interface. Ideally an unlimited number of VPN tunnels would be
supported along with support for RIP and OSPF. What does this list know of
that comes at least close to this?
Eric
AF6EP

I often experience relatively slow lookups of DNS records in .ampr.org and 44.in-addr.arpa.
Not every time, but lookup times of 2-3 seconds occur quite often, especially for the first one
in a series (the TTL in the zones is only an hour, so there is little caching).
44.in-addr.arpa lookups also sometimes fail for existing hosts, to succeed when they are re-tried later.
Do other people see this? It looks like there are 7 DNS servers, which seems to be plenty.
Are they overloaded? Do we need or like to have more DNS servers? Should I volunteer
to provide one?
Or could there be another reason for this phenomenon?
Rob

What is the total monthly amount of traffic produced and responded to by
ALL hosts on 44/8? Anyone have a vague number for this? How much traffic
passes monthly through amprgw?
Eric
AF6EP

Doing some testing here this morning and went to login to af6hf.ampr.org
and saw the following:

    debian@arm:~$ telnet af6hf.ampr.org
    Trying 92.242.140.21...

Just curious what's going on here. Can we now assign any IP addresses to
our delegated domain namespace? I had always thought that foo.ampr.org
would be placed in 44/8 IP space.
Eric
AF6EP