named answering slowly for not cached domain

Kevin Darcy kcd at daimlerchrysler.com
Wed Dec 14 23:14:19 UTC 2005 

Bind Mailing List wrote:

>Hi!
>We use bind 9.3.1 on solaris 8.
>We noticed that when we request our DNS for a domain that is cached we receive a rapid answer (less than 100 ms). Great!
>The problem is when we we request our DNS for a domain that is not cached, that take about 4000 ms. Of course if we ask again this request that will take less than 100ms.
>This 4000ms for a request that is not cached seems realy slow and some other DNS in the internet seem to answer faster than that for a request of domain not cached.
>Is-it normal to be that slow for a not cached request?
>
What's "normal" differs of course from server to server, site to site. 
But that seems rather slow, offhand.

>Could we do something to solve it?
>
Resolving something from cache is quite trivial, in performance terms. 
You're just looking up the answer in memory and returning it. When you 
have to recurse to other nameservers to get the answer, you're using a 
lot more CPU and memory, and you're also doing network transactions, so 
any problems in the network, including congestion, will impact your 
resolution time. Also, if the servers you're talking to are slow, 
that'll of course also impact your resolution time.

What I'd do to get a good read on the situation is mimic the resolution 
process. dig with the +trace option, run from the nameserver itself, can 
give you a fairly good approximation (if you're setting your 
query-source in named.conf, though, make sure to use dig's -b option for 
a faithful simulation; you might also want to consider setting a 
bufsize, since BIND 9 does that by default, with a fallback if the 
remote server doesn't understand EDNS0). Or, you could send those 
queries manually. Take note of how long each step in the resolution 
process takes. You might find that only certain nameservers take a long 
time to resolve, in which case it's more likely to be a problem on the 
remote end. Or, you might find that nameservers on certain parts of the 
Internet take a long time, which could be a networking problem. If 
*everything* is taking a long time to resolve, then maybe you have 
congestion in your own network infrastructure that is causing packets to 
get lost, corrupted or delayed. If *nothing* is slow when you do manual 
queries, then perhaps your nameserver process itself is the bottleneck. 
I'd start looking at CPU/memory usage, etc.

>Is it related to our DNS version (9.3.1)?
>
Doubt it. If 9.3.1 had any fundamental performance problems, I think we 
would have heard about it by now.

                                                                         
                                                - Kevin

More information about the bind-users mailing list