[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse
Subject:    [opensuse] Re: When I have downloads running, DNS fails.
From:       Linda Walsh <suse () tlinx ! org>
Date:       2014-07-14 9:39:46
Message-ID: 53C3A562.4080201 () tlinx ! org
[Download RAW message or body]

Carlos E. R. wrote:
>  By asking the DNS server of my ISP, which will respond directly if it
>  has the answer, or query the root servers for me. This diminishes the
>  load on the root servers, and is considered the polite behaviour.
----
For those who don't  keep DNS running on a server, that's probably
true.

        For those who keep DNS running on a server, the expire time for the
root servers is 3600000s or 42 days.  If the load increases too much on
the root servers, I'm pretty sure they could increase that.

>
>  So no, I can not accept that it performs worse, and just on a single
>  service.
----
And how many other services do you run UDP with -- which is likely
the default for lower-powered routers doing DNS resolution?


>
> > Until your DNS traffic is prioritized above the "ACK"s on download
> > streams,
> >
> > This effect can be worsened by DNS's defaulting to UDP as it doesn't
> > have tcp's auto-correction mechanisms.
> >
> > also, on QOS, everything else doesn't need to set QOS.
>
>
>  All that applies as well to my DNS cache server on my computer, which
>  traversing the same "saturated" router, manages to do DNS queries just
>  fine, with a saturated internet pipe.
----
No, it doesn't for multiple reasons (any *1* of which could cause
problems as you are seeing).

1) your pc dns queries to a recursive resolver, are likely TCP, so they
won't time out and will have reliable connections while the recursive
resolver does any needed resolution.

2) DNS over TCP will benefit from the most common end-user optimization
in home equipment (if there is any) --- prioritizing 'ACKS'.

3) DNS over UDP won't get that benefit as it doesn't use TCP ACKS.

4) Because UDP is unreliable, it may be getting dropped more often than
a similar connection over TCP -- those timeouts are expensive in terms
of time.

5) if you are querying your ISP (or google) they likely have the answer
to your query in their cache meaning they have no lookups to do and you
just need to get a reply.

6). if you are querying your ISP or google, you are using 'fat pipes'
for all but the last leg to your house, which is the same regardless of
source.  This strongly affects response time.

7.  As mentioned previously, if you have a smaller router doing lookups,
it will likely not have the cache that your ISP would, so it may not be
able to hold root servers in cache for 42 days.

So there multiple reasons why DNS lookups from your PC through your ISP
are very different from DNS lookups performed by your router.  There are
likely more.  Once you get into to doing benchmarks, you start to
realize how many variables it takes to keep things "relatively
constant".

Whether or not any of those are an issue in your specific case or
whether or not some other issue is, is an unknown until you do
measurements and traffic analysis, which are 'greek' (or is that 'geek?)
to most people...

I'm not saying you should learn such arcana, but I am saying
you shouldn't rule out things based on cursory knowledge, either.



-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]