On Debian 9 I configured bind9 (v.9.10.3) as a cache server, later as a forwarding server. For testing purposes I don't have any firewall and I test from the internal gigabit LAN. Bind works but performance is not so good, for example:
dig aruba.it @192.168.50.35 (my BIND)
Query time: 129 msec
dig aruba.it @8.8.8.8
Query time: 20 msec
nmap -sT -p 53 192.168.50.35
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-06 14:31 CET
Nmap scan report for 192.168.50.35
Host is up (0.0014s latency).
ping -c5 192.168.50.35
PING 192.168.50.35 (192.168.50.35) 56(84) bytes of data.
64 bytes from 192.168.50.35: icmp_seq=1 ttl=64 time=1.31 ms
64 bytes from 192.168.50.35: icmp_seq=2 ttl=64 time=1.34 ms
64 bytes from 192.168.50.35: icmp_seq=3 ttl=64 time=1.33 ms
64 bytes from 192.168.50.35: icmp_seq=4 ttl=64 time=5.56 ms
64 bytes from 192.168.50.35: icmp_seq=5 ttl=64 time=1.32 ms
--- 192.168.50.35 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 1.312/2.177/5.561/1.692 ms
This happens with all domains. Switching the bind config to forwarders I have the same problem: queries are slower.
Is this a correct query time for a local DNS?
cat /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";
    // uncomment these to switch to forwarders
    // forwarders {
    //     8.8.8.8;
    //     8.8.4.4;
    // };
    dnssec-validation auto;
    listen-on port 53 { localhost; 192.168.50.0/24; };
    allow-query { localhost; 192.168.50.0/24; };
    recursion yes;
};
Disabling IPv6 doesn't change anything.
One possible explanation is caching. DNS records are cached in DNS servers (as well as being cached in clients). Google DNS is a public DNS server used by a great many users around the globe. So there is a good chance that the requested name has recently been resolved by Google DNS. This means a better response time when compared to your local DNS server.
Another reason is the optimization and tuning done by Google. Such a public DNS server must be optimized to handle the traffic it receives.
By the way, you can verify the caching effect by repeating the DNS query to your server. You will get a much better response time from the second query onward (the result has been cached).
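A small harness for the check the answer suggests, added here as an example and not part of the original question or answer: it repeats the same `dig` lookup against the server, pulls the "Query time" figure out of each run and compares the first (cold) lookup with the later (warm) ones. The two sample `dig` footers embedded below are constructed, and the "cached" rule (warm median under half the cold time) is a heuristic I chose, not anything the page states.

```python
import re
import shutil
import subprocess
from statistics import median

# dig prints a footer line such as ";; Query time: 129 msec"; the leading
# ";;" is optional here so pasted output without it still parses.
QUERY_TIME_RE = re.compile(r"Query time:\s+(\d+)\s+msec")

# Constructed sample footers, standing in for a cold and a warm dig run.
SAMPLE_COLD = ";; Query time: 129 msec\n;; SERVER: 192.168.50.35#53(192.168.50.35)\n"
SAMPLE_WARM = ";; Query time: 1 msec\n;; SERVER: 192.168.50.35#53(192.168.50.35)\n"


def parse_query_time(dig_output: str) -> int:
    """Return the query time in milliseconds reported in dig's output."""
    match = QUERY_TIME_RE.search(dig_output)
    if match is None:
        raise ValueError("no 'Query time:' line found in dig output")
    return int(match.group(1))


def run_dig(name: str, server: str) -> str:
    """Run `dig <name> @<server>` and return its stdout (needs dig on PATH)."""
    if shutil.which("dig") is None:
        raise RuntimeError("dig not found on PATH")
    result = subprocess.run(
        ["dig", name, f"@{server}"], capture_output=True, text=True, check=True
    )
    return result.stdout


def cache_report(samples_ms):
    """Summarise repeated lookups of one name: first (cold) time, median of
    the remaining (warm) times, and whether the warm answers look cached.
    The 'cached' rule is a heuristic: warm median below half the cold time."""
    if len(samples_ms) < 2:
        raise ValueError("need at least two samples to compare cold and warm")
    cold = samples_ms[0]
    warm = median(samples_ms[1:])
    return {"cold_ms": cold, "warm_ms": warm, "cached": warm < cold / 2}


def measure(name: str, server: str, repeats: int = 5):
    """Query the same name `repeats` times and report the caching effect."""
    times = [parse_query_time(run_dig(name, server)) for _ in range(repeats)]
    return cache_report(times)


if __name__ == "__main__":
    # Example invocation against the server from the question; the name and
    # address are taken from the page, the timings will be whatever you see.
    print(measure("aruba.it", "192.168.50.35"))
```

If the warm median stays close to the cold time, the server is not answering from its cache (for instance because every query is being forwarded and the upstream answer carries a very short TTL), which is worth checking with `rndc dumpdb -cache` before tuning anything else.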