getting slow response to my dns lookups.

Comments

18 comments

  • Avatar
    rotblitz

    Post the complete plain text output of the following commands:

    nslookup -type=txt debug.opendns.com.
    tracert 208.67.222.222
    tracert 208.67.220.220

    Further, in order to see the real DNS response times, not the ones felt through surfing experience, you may use this program:
    http://www.nirsoft.net/utils/dns_query_sniffer.html
    For general optimization of your TCP settings use this: http://www.speedguide.net/downloads.php

    0
    Comment actions Permalink
  • Avatar
    dnsenizer

    Server:  resolver1.opendns.com
    Address:  208.67.222.222

    debug.opendns.com    text =

        "server 1.pao"
    debug.opendns.com    text =

        "flags 20 0 2f6 2000000001"
    debug.opendns.com    text =

        "id 1801376"
    debug.opendns.com    text =

        "source 174.65.72.87:15248"

    ***********************************

    Tracing route to resolver1.opendns.com [208.67.222.222]
    over a maximum of 30 hops:

      1    <1 ms    <1 ms    <1 ms  10.0.0.1
      2     8 ms     9 ms     7 ms  10.173.0.1
      3    15 ms     9 ms     9 ms  fed1cmtk07-gex030000.sd.sd.cox.net [68.6.11.238]
      4     *        *        *     Request timed out.
      5     8 ms     7 ms     7 ms  fed1dsrj02-xe130.0.rd.sd.cox.net [68.6.8.4]
      6    23 ms    22 ms    21 ms  68.1.5.188
      7    21 ms    25 ms    28 ms  ae-6.r05.plalca01.us.bb.gin.ntt.net [129.250.194.141]
      8    29 ms    32 ms    33 ms  ae-2.r06.plalca01.us.bb.gin.ntt.net [129.250.5.238]
      9    25 ms    23 ms    21 ms  ge-0-7-0-31.r06.plalca01.us.ce.gin.ntt.net [140.174.21.166]
     10    21 ms    22 ms    27 ms  resolver1.opendns.com [208.67.222.222]

    Trace complete.

    ***********************************

    Tracing route to resolver2.opendns.com [208.67.220.220]
    over a maximum of 30 hops:

      1    <1 ms    <1 ms    <1 ms  10.0.0.1
      2    13 ms     8 ms     7 ms  10.173.0.1
      3    18 ms     8 ms     9 ms  fed1cmtk07-gex010000.sd.sd.cox.net [68.6.11.236]
      4     *        *        *     Request timed out.
      5     8 ms     7 ms     7 ms  fed1dsrj01-xe130.0.rd.sd.cox.net [68.6.8.0]
      6    23 ms    21 ms    21 ms  68.1.5.188
      7    22 ms    21 ms    21 ms  ae-6.r05.plalca01.us.bb.gin.ntt.net [129.250.194.141]
      8    29 ms    30 ms    29 ms  ae-2.r06.plalca01.us.bb.gin.ntt.net [129.250.5.238]
      9    24 ms    22 ms    21 ms  ge-0-7-0-31.r06.plalca01.us.ce.gin.ntt.net [140.174.21.166]
     10    23 ms    22 ms    22 ms  resolver2.opendns.com [208.67.220.220]

    Trace complete.

    I downloaded and tried to run the dns sniffer program, but I must have done something wrong as it didn't sniff any of my dns queries.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    You're located around San Diego, ISP Cox.net, and you're using the OpenDNS server location in Palo Alto which should be fine. Your IP address 174.65.72.87 is registered with OpenDNS network ID 1801376. Your latency to the OpenDNS servers is acceptable. That said, I can't see a DNS problem, at least not at the time when you posted the outputs.

    Regarding the DNS Sniffer program, read its instructions. You must probably install Wincap or another. After starting the program, you must select the *right* internet connection you want to have monitored (there are often more than one). It's worth the efforts in your case, because it clearly can show the DNS response time for each query.

    Also, try to optimize your TCP settings with the other program. The defaults on Windows are far from being optimal. You must first measure and set your MTU, and then you can optimize the rest of the parameters.

    0
    Comment actions Permalink
  • Avatar
    ipadfl

    after switching to open dns all domain name requests take 10 times longer than before. I have a very fast fiber connection to the internet. Navigating to an ip is instant but going to that same machine through a domain name takes 30 seconds and often just fails or times out. I thought maybe it was an outtage so i continued to use it for a few more weeks. It was consistently slow and often failed. I cannot recommend this product for anyone. It is terrible.

    0
    Comment actions Permalink
  • Avatar
    maintenance

    ipadfl, it's a service, not a product, and your anecdote does not constitute data. Millions of people use OpenDNS quite successfully, some with an experience better than their ISP provides.

    Do you have any actual data on how name resolution took 10x longer? Do the data show that the response time latency was caused by the resolvers? Do you realize that you can actually look to see if there is an outage?

    For a service with almost entirely empirically testable features, an awful lot of people recommend, or recommend against, OpenDNS with fact-free opinions. But thanks for pulling up an old thread to share them.

    0
    Comment actions Permalink
  • Avatar
    ipadfl

    wow.  i sure hope a lo of people read your answer.   You are clearly not an employee of this organization.  Proof that opendns has no accountability or customer service ethics standards or followed mission statement. 

    Yes i have data that shows it is your product that is slow consistently.  switching to my isp dns servers fixed the problem.  

    Do customers a favor and don't take bad news personally.  Get your personal value from something else. 

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    You missed to come up with measurable facts.  Try this one to give your statements a rational base:
    https://www.grc.com/dns/benchmark.htm

    0
    Comment actions Permalink
  • Avatar
    ipadfl

    thanks for the reply and the link.  That was very rational and calm and collected.  I may look into where in the route it is slow but for now i am proceeding with a simple content filtering solution for my ubuntu firewall and using my ISP provided local DNS servers.  I kinda like that solution because it can't be bypassed by simply putting in another dns server in the users network settings.  It could just be that i am way down here in south florida.  If i decide to come back i'll toss in some benchmarks.  Thank you again for the reply and link!  Take care.

    Dave

    0
    Comment actions Permalink
  • Avatar
    wkaufmann

    Hmm...   I seem to be running slow also.  Recently switched to FIOS and I have opendns servers configured in my computers IP configuration.  If I use the FIOS assigned DNS servers everything resolves quickly.  Using opendns takes 5-10 seconds or longer....

    0
    Comment actions Permalink
  • Avatar
    dnsenizer

    I went back and tried the dns query sniffer program again and this time it seemed to work (or at least started up).

    When I run it, all of the response times, durations, and response codes are blank. I didn't see an option for how to turn those fields on/off. I did notice that frequently there are six to eight entries for a single domain name that all have the same 'query ID' that spans about eight seconds from the earliest to the latest. Each query also seems to go through a different port number, which ranges from 49154 to 65492.

    As a stopgap measure, I created a local html file that just attempts to load an image (x.jpg) from the various sites that I frequent and it automatically reloads itself every 30 seconds. This was so that those domain names would hopefully always be in my local cache. Even with that, the names I have listed in their are showing up in the dns logs as frequently having 8ish entries under the same query id.

    I would really like to be able to get this resolved. As it is right now, I often times have to reload pages after 10 seconds to get it to load up right as the browser has likely timed out waiting for stuff (e.g. common css formatting files), so I have to reload in order for the browser to resolve the css file's location.

    0
    Comment actions Permalink
  • Avatar
    dnsenizer

    I did a little more experimenting. I switched my local dns server (settings on my computer) to google's public dns server. The number of repeat lookups dramatically reduced. My reloader page attempts to display images from about 30 domain names. With google's dns, most of the names only show up once in the dns query sniffer. When the page automatically reloads, no new entries show up in the sniffer. When set to openDNS, reloading the page seems to do another dns lookup for all the domain names in there. It is almost as if the cache duration (time to live?) value coming back from openDNS is getting messed up (making it too short and causing excess lookups).

    With google's dns, the ones that do show up in the sniffer are all single line entries. It doesn't seem to have any multiple reattempts for any of them the way they do when doing a lookup with opendns.

    0
    Comment actions Permalink
  • Avatar
    Frank Denis

    Can you post a packet capture (when using Google DNS and then when using OpenDNS) somewhere?

    0
    Comment actions Permalink
  • Avatar
    dnsenizer

    with openDNS:

    Host Name    Port Number    Query ID    Request Type    Request Time    Response Time    Duration    Response Code    Records Count    A    CNAME    AAAA    NS    MX    SOA    PTR    SRV    Source Address    Destination Address    IP Country    
    myip.opendns.com    59499    CD43    A    1/2/2014 2:13:41 AM.296                0                                    10.0.0.101    208.67.222.222        

    C:>nslookup -type=txt debug.opendns.com
    Server:  resolver1.opendns.com
    Address:  208.67.222.222

    Non-authoritative answer:
    debug.opendns.com       text =        "server 3.pao"
    debug.opendns.com       text =        "flags 20 0 2f6 2000000001"
    debug.opendns.com       text =        "id 1801376"
    debug.opendns.com       text =        "source 174.65.58.173:24708"

     

    with google's dns: (after doing a ipconfig/flushdns)

    Host Name    Port Number    Query ID    Request Type    Request Time    Response Time    Duration    Response Code    Records Count    A    CNAME    AAAA    NS    MX    SOA    PTR    SRV    Source Address    Destination Address    IP Country    
    myip.opendns.com    53361    6EDC    A    1/2/2014 4:43:04 AM.720                0                                    10.0.0.101    8.8.8.8        

    (for some reason, dnsquery sniffer isn't showing any values for the response time, duration, response code, or a bunch of the other columns). But my perception is that it's a whole lot faster with google's from what I see in my browser window. If the page I'm attempting to load references a css file elsewhere on the internet, with openDNS at least half the time the css address doesn't resolve and thus doesn't load. With google's, I've yet to see a problem loading css files from off sites. Also the status shows "Looking up xyz.com" for only fractions of a second with google's and several seconds with OpenDNS's.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Regarding the DNS Query Sniffer:

    View > Select Colums > (Select all)

    Then leave the sniffer running for a while, for example with your special page, for both OpenDNS and Google DNS.

    View > HTML Report - All Items

    Post the resulting report.html as an attachment here ("Attach file").

    Did you also run the benchmark program (https://www.grc.com/dns/benchmark.htm) with any insights coming out?

    0
    Comment actions Permalink
  • Avatar
    davdunc

    O.K. So this problem is happening for me as well. I don't  see a real resolution, so I am going to post my findings and my concerns. I don't use Windows 7, but my wife does and I finally got tired of listening to her complain.  We use OpenDNS configured at the router with the order as specified in our account details. 

    I observed a long delay >5 seconds from her browser, for both Pandora.com and facebook.com in her browser, opened a command prompt, then issued an nslookup for facebook.com. The resolution came back in less than a second and the browser immediately populated with the result. This has been reproduced after waiting for as much as 10 seconds. Once the resolution is done at the command prompt, the browser responds. 

    This is a random occurrence and is usually over before I can collect more data. OTOH, I have never experienced this from my Mac or Linux systems. 

    We have a 1Gbit internet connection and a 300Mbit Wireless network.

    If someone has some suggestions on how to collect data between the browser and the dns call in an automated fashion, I am interested.




    DNS-Benchmark-output.txt.txt
    0
    Comment actions Permalink
  • Avatar
    maintenance

    The test will not reveal much (and it doesn't), because it is doing the same thing as nslookup. Since the problem is apparently with the browser,   You can try this too see what is happening when the browser executes queries  while there is a problem.  http://www.nirsoft.net/utils/dns_query_sniffer.html

     

     

    0
    Comment actions Permalink
  • Avatar
    paolo-sydney

    We in Sydney Australia are getting very slow performance of OpenDNS and it's been ongoing for the past few weeks. For example:

    tracert 208.67.222.222

    Tracing route to resolver1.opendns.com [208.67.222.222]
    over a maximum of 30 hops:

    1 <1 ms <1 ms <1 ms 192.168.1.1
    2 21 ms 37 ms 14 ms 10.50.0.1
    3 * * * Request timed out.
    4 * * * Request timed out.
    5 * * * Request timed out.
    6 39 ms 117 ms 132 ms 59.154.142.84
    7 11 ms 18 ms 11 ms te3-2.sclarbrdr01.aapt.net.au [203.8.183.46]
    8 * * 16 ms lag41.sclarinte01.aapt.net.au [202.10.14.201]
    9 15 ms 11 ms 11 ms 59-100-239-14.syd.static-ipl.aapt.com.au [59.100.239.14]
    10 238 ms 215 ms 26 ms 202.68.65.21
    11 427 ms 332 ms 249 ms 202.68.65.150
    12 226 ms 223 ms 217 ms resolver1.opendns.com [208.67.222.222]

    This has happened before I believe as there is routing through Singapore back to the US, though I understood there is a OpenDNS server in Sydney.

    Any ideas?

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    This would be an issue with your ISP, OpenDNS, routing tables, or something else, though from everything you said it sounds like some sort of routing table or other configuration issue with your ISP. None of these are something you can address or fix. Nor can the other OpenDNS users in this forum do anything about it since we don't have access to the back ends that are dealing with this. You should open a support ticket with OpenDNS as a first step towards resolving this. More than likely they'll tell you it's an ISP issue, but at least you'd have some technical information to provide your ISP to strengthen your case to get them to actually look into it.

    0
    Comment actions Permalink

Please sign in to leave a comment.