resolving www.ecb.europa.eu tages ages

Robert M. Stockmann stock at stokkie.net
Mon Jun 20 13:27:41 UTC 2022 

On Fri, 17 Jun 2022, Matus UHLAR - fantomas wrote:

> Date: Fri, 17 Jun 2022 13:04:51 +0200
> From: Matus UHLAR - fantomas <uhlar at fantomas.sk>
> To: bind-users at lists.isc.org
> Subject: resolving www.ecb.europa.eu tages ages
> 
> Hello,
> 
> I encountered case where resolution of www.ecb.europa.eu takes long time and 
> I can't find out why.
> 
> I'm trying to find the culprit using dig +trace and resolution times change 
> from < 1 second to > 15 seconds, while response times reported by dig say 
> miliseconds.
> 
> multiple runs of dig seem to fix the issue until I clear named cache.
> (which indicated problem is in DNS, but I still have no idea where)
> 
> I'm out od ideas what to search for.
> 
> I have debian 11 with bind version 1:9.16.27-1~deb11u1
> 
> an example dig that took 5 seconds pasted:
> 
> # time dig +trace www.ecb.europa.eu
> 
> ; <<>> DiG 9.16.27-Debian <<>> +trace www.ecb.europa.eu
> ;; global options: +cmd
> .                       194472  IN      NS      m.root-servers.net.
> .                       194472  IN      NS      k.root-servers.net.
> .                       194472  IN      NS      f.root-servers.net.
> ----//-------- 
> www.ecb.europa.eu.      300     IN      CNAME   www-ecb-europa-eu.ax4z.com.
> ;; Received 86 bytes from 156.154.65.109#53(pdns109.ultradns.net) in 11 ms
> 
> real    0m5.117s
> user    0m0.011s
> sys     0m0.035s
> ======================

Here's what i get :

$ time dig +trace www.ecb.europa.eu

; <<>> DiG 9.8.1 <<>> +trace www.ecb.europa.eu
;; global options: +cmd
.                       6453    IN      NS      i.root-servers.net.
.                       6453    IN      NS      b.root-servers.net.
.                       6453    IN      NS      c.root-servers.net.
.                       6453    IN      NS      j.root-servers.net.
.                       6453    IN      NS      k.root-servers.net.
.                       6453    IN      NS      l.root-servers.net.
.                       6453    IN      NS      a.root-servers.net.
.                       6453    IN      NS      g.root-servers.net.
.                       6453    IN      NS      d.root-servers.net.
.                       6453    IN      NS      f.root-servers.net.
.                       6453    IN      NS      m.root-servers.net.
.                       6453    IN      NS      e.root-servers.net.
.                       6453    IN      NS      h.root-servers.net.
;; Received 228 bytes from 192.168.188.10#53(192.168.188.10) in 134 ms

eu.                     172800  IN      NS      w.dns.eu.
eu.                     172800  IN      NS      x.dns.eu.
eu.                     172800  IN      NS      y.dns.eu.
eu.                     172800  IN      NS      be.dns.eu.
eu.                     172800  IN      NS      si.dns.eu.
;; Received 341 bytes from 199.9.14.201#53(199.9.14.201) in 69 ms

europa.eu.              86400   IN      NS      ns3bru.europa.eu.
europa.eu.              86400   IN      NS      ns4az1.europa.eu.
europa.eu.              86400   IN      NS      ns2lux.europa.eu.
europa.eu.              86400   IN      NS      ns1.bt.net.
europa.eu.              86400   IN      NS      ns1lux.europa.eu.
europa.eu.              86400   IN      NS      ns2eu.bt.net.
europa.eu.              86400   IN      NS      ns2bru.europa.eu.
europa.eu.              86400   IN      NS      ns1bru.europa.eu.
europa.eu.              86400   IN      NS      ns3lux.europa.eu.
;; Received 431 bytes from 185.151.141.1#53(185.151.141.1) in 115 ms

ecb.europa.eu.          3600    IN      NS      pdns109.ultradns.net.
ecb.europa.eu.          3600    IN      NS      pdns109.ultradns.org.
ecb.europa.eu.          3600    IN      NS      ns1.coltnet.at.
ecb.europa.eu.          3600    IN      NS      pdns109.ultradns.biz.
ecb.europa.eu.          3600    IN      NS      pdns109.ultradns.com.
ecb.europa.eu.          3600    IN      NS      ns8.colt.net.
;; Received 222 bytes from 147.67.12.3#53(147.67.12.3) in 126 ms

www.ecb.europa.eu.      300     IN      CNAME   www-ecb-europa-eu.ax4z.com.
;; Received 75 bytes from 156.154.65.109#53(156.154.65.109) in 9 ms


real    0m0.461s
user    0m0.008s
sys     0m0.010s
$ 

the second time , when this query is cached i get :

$ time  dig +trace www.ecb.europa.eu

; <<>> DiG 9.8.1 <<>> +trace www.ecb.europa.eu
;; global options: +cmd
.                       5382    IN      NS      j.root-servers.net.
----//----
www.ecb.europa.eu.      300     IN      CNAME   www-ecb-europa-eu.ax4z.com.
;; Received 75 bytes from 156.154.65.109#53(156.154.65.109) in 9 ms


real    0m0.104s
user    0m0.006s
sys     0m0.007s
$ dig -v
DiG 9.8.1
$

My dig version as you see doesn't query RRSIG, NSEC records. On the 
same network a ubuntu 20.04 machine takes indeed much longer :

ubuntu at ubuntu:~$ time dig +trace www.ecb.europa.eu 

; <<>> DiG 9.16.1-Ubuntu <<>> +trace www.ecb.europa.eu
;; global options: +cmd
.                       5812    IN      NS      a.root-servers.net.
.                       5812    IN      NS      c.root-servers.net.
.                       5812    IN      NS      m.root-servers.net.
.                       5812    IN      NS      k.root-servers.net.
.                       5812    IN      NS      g.root-servers.net.
--//--
;; Received 891 bytes from 147.67.12.3#53(ns2lux.europa.eu) in 16 ms

www.ecb.europa.eu.      300     IN      CNAME   www-ecb-europa-eu.ax4z.com.
;; Received 86 bytes from 2001:502:4612::91#53(pdns109.ultradns.org) in 4 ms


real    0m3.052s
user    0m0.021s
sys     0m0.020s
ubuntu at ubuntu:~$ dig -v
DiG 9.16.1-Ubuntu
ubuntu at ubuntu:~$ 

-- 
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org  stock at stokkie.net

More information about the bind-users mailing list