Performance issue
-
I run unbound as a resolver and have a question regarding Query Times from client machines, which seem way higher than they should be.
1. After visiting www.cnn.com from any computer on my network the dns information gets cached. Then:
2. FROM THE PFSENSE BOX (Note Query Time of 0 msec)
[2.4.2-RELEASE][root@pfsense.localnetwork]/root: dig cnn.com
; <<>> DiG 9.11.2 <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48189
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cnn.com. IN A

;; ANSWER SECTION:
cnn.com. 53 IN A 151.101.1.67
cnn.com. 53 IN A 151.101.193.67
cnn.com. 53 IN A 151.101.129.67
cnn.com. 53 IN A 151.101.65.67

;; AUTHORITY SECTION:
cnn.com. 3406 IN NS ns-1086.awsdns-07.org.
cnn.com. 3406 IN NS ns-1630.awsdns-11.co.uk.
cnn.com. 3406 IN NS ns-47.awsdns-05.com.
cnn.com. 3406 IN NS ns-576.awsdns-08.net.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Dec 23 17:27:50 CST 2017
;; MSG SIZE rcvd: 236

3. FROM THE MACHINE THAT VISITED CNN.COM (Note avg ping time to pfsense of 0.398ms)
imac:Downloads user$ ping pfsense
PING pfsense.ascendencyhome.net (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=64 time=0.400 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.409 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.325 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.431 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.425 ms
^C
--- pfsense.ascendencyhome.net ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.325/0.398/0.431/0.038 ms

4. FROM THE MACHINE THAT VISITED CNN.COM (Note avg ping time to cnn.com of 11.433ms)
imac:Downloads user$ ping cnn.com
PING cnn.com (151.101.1.67): 56 data bytes
64 bytes from 151.101.1.67: icmp_seq=0 ttl=58 time=15.382 ms
64 bytes from 151.101.1.67: icmp_seq=1 ttl=58 time=10.672 ms
64 bytes from 151.101.1.67: icmp_seq=2 ttl=58 time=9.763 ms
64 bytes from 151.101.1.67: icmp_seq=3 ttl=58 time=9.916 ms
^C
--- cnn.com ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 9.763/11.433/15.382/2.306 ms

5. FROM THE CLIENT MACHINE THAT VISITED CNN.COM (Note Query time of 33 msec)
imac:Downloads user$ dig cnn.com
; <<>> DiG 9.9.7-P3 <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1928
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cnn.com. IN A

;; ANSWER SECTION:
cnn.com. 0 IN A 151.101.1.67
cnn.com. 0 IN A 151.101.193.67
cnn.com. 0 IN A 151.101.129.67
cnn.com. 0 IN A 151.101.65.67

;; AUTHORITY SECTION:
cnn.com. 3173 IN NS ns-1086.awsdns-07.org.
cnn.com. 3173 IN NS ns-1630.awsdns-11.co.uk.
cnn.com. 3173 IN NS ns-47.awsdns-05.com.
cnn.com. 3173 IN NS ns-576.awsdns-08.net.

;; Query time: 33 msec
;; SERVER: 2601:249::831:21b:21ff:fec5:8258#53(2601:249:0:831:21b:21ff:fec5:8258)
;; WHEN: Sat Dec 23 17:31:42 CST 2017
;; MSG SIZE rcvd: 236

So my question is this:
If pfsense dig time to cnn.com is 0 msec (due to cache) and the ping to pfsense is 0.398ms why would dig from client computer show 33 msec? Should it be similar to a ping to the local pfsense server of .398 msec?
-
This is an interesting article and may help explain what I'm seeing:
https://www.easydns.com/blog/2011/05/02/dns-speeds-debunked/