DNS Delay?

MarloM

I have a small, simple network with a Netgate SG-2100 running the latest pfSense version.

Internet > Comcast Cable Modem > Netgate SG-2100

All the computers are behind the SG-2100.

The client was complaining that the workstations seemed slow, with no real further explanation.

My first check is always DNS and I found this...

C:>nslookup yahoo.com
Server: one.one.one.one
Address: 1.1.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Non-authoritative answer:
Name: yahoo.com
Addresses: 2001:4998:24:120d::1:1
2001:4998:44:3507::8001
2001:4998:44:3507::8000
2001:4998:124:1507::f000
2001:4998:24:120d::1:0
2001:4998:124:1507::f001
98.137.11.164
74.6.143.25
74.6.143.26
74.6.231.20
74.6.231.21
98.137.11.163

This happens no matter what DNS server I use, and no matter what domain name I look up- there are always two timeouts followed by a valid DNS lookup.

Any ideas on how to troubleshoot this? I have a similar configuration at several other clients and this does not happen.

stephenw10

What do you see from Diag > DNS Lookup in pfSense?

Are the clients using 1.1.1.1 dircetly for normal lookups?

Steve