LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-29-2008, 02:59 PM   #1
Peacepunk
Member
 
Registered: Apr 2006
Location: Cambodia
Distribution: Slackware 12.2 &... VirtualBox!
Posts: 51

Rep: Reputation: 16
[SOLVED] DNS Puzzle: NameResolution performance


[SOLVED]

Hi Community; this one has me puzzled:

Fedora9 on a F9E (!) Asus laptop, with Firefox 3.0.beta5; network is wireless through iwl3945 module to a linksys "classic" BEFW11S router with up-to-date firmware. Two other boxes running fedora7 are wired at 100mb/s to the router and doesn't have the issue:

Ze Issue

Name resolution takes anything between 90 secs in Firefox to 15 secs with ping in a console;

if I ping

Quote:
ping -c 5 linuxquestions.org
I got to wait 15 secs before getting the first ping shot to get back to me at a perfectly healthy rate of around 300ms (healthy from where I live, that is)

If I do
Quote:
ping -c 5 75.126.162.205
then the ping is back instantly, within the same performance results of +/- 300 millisecs;

from Firefox, aiming at a server I know being less than 1000 metres away, if I do

www.camintel.com

I wait a full 30 secs seeing

"looking up camintel.com"


while if I do

http://124.108.48.10/

then I got it right, it starts connecting and pulling data instantly.

(it's a very lousy server so if you want to compare, do not measure the time to get the page displayed but the time your bottom info bar says "looking up www.camintel.com")

The "looking up... delay is constant whatever the server addressed.

Any idea/clue/directions to me to better this dreadfully boring handicap? Just imagine the Timeouts I face when trying to start a download... And to display this page, with all the calls to googleads, google syndication all taking their toll...

My connection info is as follow: fixed IP in a reserved range outside of the DHCP range provided by the router (192.168.1.99-nobody but this laptop is 99 here), connected through NetworkManager with WPA; dns 1 and 2 are the usual for me, and otherwise working on the other fixed IP here 192.168.65.2 and 192.168.66.3. Only anomaly is the 0,0,0,0 figure for Broadcast Address but it's not available in the Edit Connection Settings of the nm applet anyway.

cheers from Cambodia. I am already struggling enough with Bandwidth here, I really don't need that extra zen tester on top of my browsing experience!

[EDIT] publishing this post was a full 75secs of "looking up..." !

Last edited by Peacepunk; 08-30-2008 at 07:35 AM. Reason: add [solved]
 
Old 08-29-2008, 04:37 PM   #2
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,579

Rep: Reputation: 187Reputation: 187
I would say that your problems are with the Domain Name Server that you are using. You might experiment with using a different DNS if you can find a nearby DNS other than the one you are using. You can change the DNS that you are using by changing /etc/resolv.conf

I once switched DNS on a dialup connection when my normal DNS was down. That switch worked OK and I didn't bother to switch back when the normal DNS came back up. I have never tried switching my DNS on broadband. The new DNS that you use can be anything. It does not have to be your ISP's DNS. See if you can find a DNS in Cambodia other than the one you are currently using and try it.

----------------
Steve Stites
 
Old 08-29-2008, 05:35 PM   #3
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Sounds like the classic IPv6 issue. Probably the earlier OSs didn't have IPv6 enabled by default, but the one you're using now does. It's most likely doing IPv6 record queries first, and they are timing-out. Just search the forum for "disable ipv6" and you're certain to find instructions.

You can verify by doing a tcpdump of traffic when you try to open a new website in Firefox:
Code:
$ sudo tcpdump -nlpvs0 port 53
 
Old 08-30-2008, 03:08 AM   #4
Peacepunk
Member
 
Registered: Apr 2006
Location: Cambodia
Distribution: Slackware 12.2 &... VirtualBox!
Posts: 51

Original Poster
Rep: Reputation: 16
Hey there, thanks for the advice(s).

I will post on my local LUG list to get nameserver addresses from other ISPs; that look solid info to debug the various (not only this one) occasions for sluggishness of the network over here.

the tcdump dumped nothing understandable, but for the obvious fact that this computer look out the name by the appropriate server (telesurf.com.kh)

Quote:
[root@F9E ~]# tcpdump -nlpvs0 -i wlan0 port 53
13:39:23.710787 IP (tos 0x0, ttl 64, id 6757, offset 0, flags [DF], proto UDP (17), length 78) 192.168.1.99.47373 > 203.144.65.2.domain: 64299+ AAAA? weather.noaa.gov.telesurf.com.kh. (50)
That seems to grab this f**g weather applet. Got tons of them, and nothing else.

Trying to hit gizmodo:
Quote:
[root@F9E ~]# tcpdump -nlpvs0 -i wlan0 port 53
tcpdump: listening on wlan0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:49:05.663095 IP (tos 0x0, ttl 64, id 64421, offset 0, flags [DF], proto UDP (17), length 61) 192.168.1.99.39601 > 203.144.65.2.domain: 64155+ AAAA? www.gizmodo.com. (33)
13:49:06.246287 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 140) 203.144.65.2.domain > 192.168.1.99.39601: 64155 1/1/0 www.gizmodo.com. CNAME gizmodo.com. (112)
13:49:06.246463 IP (tos 0x0, ttl 64, id 65004, offset 0, flags [DF], proto UDP (17), length 61) 192.168.1.99.39854 > 192.168.65.2.domain: 47820+ A? www.gizmodo.com. (33)
13:49:11.246838 IP (tos 0x0, ttl 64, id 4469, offset 0, flags [DF], proto UDP (17), length 61) 192.168.1.99.59699 > 192.168.66.3.domain: 47820+ A? www.gizmodo.com. (33)
13:49:14.247853 IP (tos 0x0, ttl 64, id 7470, offset 0, flags [DF], proto UDP (17), length 61) 192.168.1.99.53417 > 203.144.65.2.domain: 47820+ A? www.gizmodo.com. (33)
13:49:14.396270 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 341) 203.144.65.2.domain > 192.168.1.99.53417: 47820 2/7/7 www.gizmodo.com. CNAME gizmodo.com., gizmodo.com. A 69.60.7.199 (313)
13:49:16.281474 IP (tos 0x0, ttl 64, id 9503, offset 0, flags [DF], proto UDP (17), length 57) 192.168.1.99.60797 > 192.168.65.2.domain: 23483+ AAAA? gizmodo.com. (29)
...
and so on

Any usefull info to be grabbed from that?


Fun with ipv6

Since I read everywhere that it's time to go v6, upon install 2 days ago I acknowledged v6 (and v4 too). Not that I understand why, but I've read that we are supposed to leave the overwhelmed v4 to the new v6. WTF if you'll excuse my French, I did it. the links you suggested shows otherwise, though.

Quote:
[root@F9E ~]# modinfo ipv6
filename: /lib/modules/2.6.25.14-108.fc9.i686/kernel/net/ipv6/ipv6.ko
alias: net-pf-10
license: GPL
description: IPv6 protocol stack for Linux
author: Cast of dozens
srcversion: 98F81C086284981A821D131
depends:
vermagic: 2.6.25.14-108.fc9.i686 SMP mod_unload 686 4KSTACKS

[root@F9E ~]# lsmod|grep ipv6
nf_conntrack_ipv6 15992 6
nf_conntrack 49748 6 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state
ipv6 221660 16 ip6t_REJECT,nf_conntrack_ipv6
I am obviously using v6 here, or am I?

Quote:
...Get Braced for the Crash...
[root@F9E ~]# rmmod -f nf_conntrack_ipv6 ipv6
ERROR: Removing 'nf_conntrack_ipv6': Resource temporarily unavailable
ERROR: Removing 'ipv6': Resource temporarily unavailable
...hu? ha, nothing happened...
(OK, this last one was a bit Rock'n'Roll, don't try this @ home, kids)

I will blackilst v6, remove it with YUM if possible and such but I am in the middle of a massive 360-files, 750-megs update (aaargh fedora people, why can't you post up-to-date spins in your ISO download pages?). That should be about three days, especially sine there is a full minute waiting between each single download of them 360 files.

Yikes.

How important is the Broadcast Address? Since I can't input/edit it with NetworkManager, where can I find this setting?

Among Services, I found netfs to be dead, status unknown. I sthat relevant in anyway?

Thanks again from far away.
 
Old 08-30-2008, 03:35 AM   #5
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,916

Rep: Reputation: 777Reputation: 777Reputation: 777Reputation: 777Reputation: 777Reputation: 777Reputation: 777
To directly check name lookup performance, you should try dig. You will get information that is more direct than trying to imply things from ping.

It looks as if your firewall is doing various conntrack bits and pieces. conntrack is known to be 'heavy-weight' and, depending on what you have set up, can be a resource issue; it probably shouldn't be if used minimally, but I can't tell from the info here. Consider whether, at least temporarily, you can do without the monitoring and logging that you are (probably) getting from the conntrack module - maybe you can 'fast track' DNS requests by port number to avoid the problem.

But generally, I'd get rid of IPV6; I have seen others have difficulties in getting IPV6 to co-exist with IPV4, and I know, before long, we all have to transition, but that really could be the problem.
 
Old 08-30-2008, 05:37 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,564
Blog Entries: 54

Rep: Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927Reputation: 2927
...and next to IPv6 issues you might also want to consider speedups like DNS response caching. If you look at for instance Pdns if not only offers a permanent cache (as opposed to BIND's cahcing-nameserver) but also allows you to speed up lookup strategy by sending requests to (groups) of DNS servers in parallel.
 
Old 08-30-2008, 07:33 AM   #7
Peacepunk
Member
 
Registered: Apr 2006
Location: Cambodia
Distribution: Slackware 12.2 &... VirtualBox!
Posts: 51

Original Poster
Rep: Reputation: 16
ipv6 now disabled, laptop rebooted, stuff is much better, zero lookups again - which just means I am lucky right now, Cambodia being what it is.

Thanks to all of you;

- jailbait I have my local LUGroup that will feed back info so that we do our own local hit-parade, the boss found the idea very neat!

- chort, ipv6 was getting in the way, and most definitely!

- salasi, next time I'll dig stuff; it still a bit obscure to me but I know where to find help.

- unSpawn, that Pdns thingie looks VERY SEXY to me, and it would to you even more if you where living in Phnom Penh like I do.

I've been honored getting accurate response from posters like you, thanks again.

Cheers
 
Old 08-30-2008, 12:06 PM   #8
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Code:
192.168.1.99.47373 > 203.144.65.2.domain: 64299+ AAAA? weather.noaa.gov.telesurf.com.kh.
That's looking for the IPv6 address of weather.noaa.gov.telesurf.com.

IPv6 in general is a good thing, and all OSs and applications should support it; however the implementation in Linux seems very poor. Applications will block on waiting for IPv6 lookup time-outs even when IPv6 routing isn't possible. Other operating systems don't have this problem. I have IPv6 enabled in Mac OS and OpenBSD and there's no slow-down. I believe Vista also has IPv6 on by default, and of the many problems with Vista, I don't recall ever reading an article that said slow Internet connections due to IPv6 was one of them.

I don't know why Linux in particular is so terrible with IPv6. All that happens as a result of this poor implementation is that people disable it, and then we're back to square one and undo all the progress over the last ten years, not to mention it gives people the false impression that IPv6 is slow or troublesome.
 
  


Reply

Tags
dns, network, resolution


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
MACRO puzzle awantik Programming 3 04-16-2008 01:53 PM
mathematical puzzle sycamorex General 18 02-14-2008 11:28 AM
A puzzle Gins Linux - General 10 02-24-2007 08:23 AM
dns performance blackzone Linux - Networking 3 09-15-2004 04:15 PM
Multicasting puzzle tachyon273 Linux - Networking 0 03-14-2003 05:38 PM


All times are GMT -5. The time now is 10:01 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration