Linux Bind optimization for ISP server
Hi guys,
Actually, I have my server in an ISP that is used for clients, and indeed I feel some slowness, especially in Facebook, where images don't appear sometimes. I would like to see if I can optimize my server. I will put the config of my named.conf file:
=======================
//////////////
options {
    listen-on port 53 { 127.0.0.1; x.x.66.10; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; xxxxx };
    allow-query-cache { localhost; xx.xx; };
    recursion yes;
    recursive-clients 50000;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    forwarders { 208.67.222.123; 208.67.220.123; };
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
=========================
The question is: what can I do to optimize or speed up the DNS resolution or caching? I'm not sure if caching is enabled or not. All I have is that I forward the requests to the OpenDNS server IP.
Kind regards
|
My first question is why aren't you using your ISP's name servers? They'll be physically "closer". Alternatively, use Google's DNS servers.
Do you have any specific reason you need IPv6 on the local interface? I know that if IPv6 is enabled then certain services (postfix for example) will attempt to use IPv6 first and then fall back to IPv4, so that may also be causing a delay. |
No, no,
I mean I'm the ISP network admin and that is my server that will go to my clients. My clients will use my server with the config above... but the issue is, sometimes my clients suffer that Facebook images do not work or work partially. When I switch to 8.8.8.8, no problem. I just want to check where the bottleneck is or why it is slow, that's it. Thank you |
Any help?
|
Quote:
I can't figure out what the heck bind has to do with "facebook images" |
Using Bind as a DNS caching server? Tuned it for aging and timeouts?
|
From what I read at https://www.digitalocean.com/communi...n-ubuntu-14-04
Seems there's only 2 kinds, caching and forwarding, and he seems to be forwarding. Quote:
They could be using varnish-cache or some other similar mechanism in front of these resolvers. If using Google's DNS or L3Comm's 8.8.8.8 / 4.2.2.2 resolves the issue, that's what I'd use. I use those 2 everywhere, never an issue, ever. Thanks. |
Good advice. I would point out to everyone that knows about L3's 4.2.2.2 to stop using it exclusively and start using 4.2.2.3, or 4.2.2.4, or 4.2.2.5 etc because the load on 4.2.2.2 is stifling for L3. Worked with a guy at L3 that complained about it. Try to mix it up a bit.
|
If I were L3 then I would place a load balancer in front of it to ease the load on one server.
|
Hmmm,
Guys, is there a way to check if there is a bottleneck in the DNS itself? Is it natural to have a query take 900 ms? ===================== Quote:
My servers are getting huge requests, but I monitor the CPU, which is about 50%. I'm not sure where the issue that I have is. I hope you can guide me to anything. Cheers |
You HAVE to put that in 'code' tags to make it acceptably readable. 140 posts, you should know the etiquette by now.
|
OK, well,
my ping timeout to 8.8.8. is about 60 ms, but the DNS queries get like 150 and sometimes 500 ms!!!! Here is the dig with and without the +trace option. Again, the IP 208.67.222.123 is an OpenDNS DNS server IP. =================== Quote:
|
Those pings to 8.8.8.8 seem high. For reference my pings from different servers and home laptop are all under 10ms.
|
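The two open questions in this thread (is the BIND server actually caching, and is the delay in DNS itself) can be checked by timing the same query twice against each resolver and comparing the answer TTLs. This is an added example, not code from any poster: 127.0.0.1 assumes it runs on the BIND host, `example.com` is a placeholder name, and the other two addresses are the resolvers mentioned above.

```python
import socket, struct, sys, time

def build_query(name, qid=0x1234, qtype=1):
    """Encode a recursive (RD=1) query; qtype 1 = A, class IN."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split("."))
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def skip_name(msg, off):
    """Offset just past a name (labels ending in 0 or in a compression pointer)."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (1 if msg[off] == 0 else 2)

def parse_response(msg):
    """Return (rcode, [TTL of each answer record])."""
    flags, qd, an = struct.unpack("!HHH", msg[2:8])
    off, ttls = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4   # QTYPE + QCLASS
    for _ in range(an):
        off = skip_name(msg, off) + 10  # TYPE, CLASS, TTL, RDLENGTH
        ttl, rdlen = struct.unpack("!IH", msg[off - 6:off])
        ttls.append(ttl)
        off += rdlen
    return flags & 0x000F, ttls

def timed_query(server, name, timeout=3.0):
    """One UDP query to server:53; return (elapsed_ms, rcode, ttls)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.perf_counter()
        s.sendto(build_query(name), (server, 53))
        data = s.recv(4096)
    return ((time.perf_counter() - start) * 1000.0,) + parse_response(data)

def looks_cached(first, second):
    """Heuristic: the repeat is faster and its TTL was not reset upward."""
    (ms1, _, t1), (ms2, _, t2) = first, second
    return bool(t1 and t2) and ms2 < ms1 and min(t2) <= min(t1)

if __name__ == "__main__":
    name = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    for server in ("127.0.0.1", "208.67.222.123", "8.8.8.8"):  # local named (assumed), then the thread's resolvers
        try:
            first = timed_query(server, name)
            time.sleep(1.1)  # let a cached TTL count down
            second = timed_query(server, name)
            print(server, f"{first[0]:.0f} ms -> {second[0]:.0f} ms", first[2], second[2], looks_cached(first, second))
        except OSError as exc:
            print(server, "failed:", exc)
```

If the local server's repeat query is not much faster than the first one, the time is being spent on the trip to the forwarders rather than in named's cache.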