Caching DNS server in Suse 10.1
Hi All

I am in Taiwan, and the internet service really sucks. I can do a speed test from my ISP, hinet.net, and get the 8 Mbps they say they are providing. If I try the DSL speed tests from the servers in San Francisco or Los Angeles, I get, if I am lucky, 1 Mbps. I have noticed that most of the time is waiting while looking up the site. Got some IP addresses of those sites, and enter them in the web browser, and it goes about 10 times or more faster. It appears most of the time is for DNS lookup.

Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.

Art
On 9/28/06, Art Fore wrote:
Hi All
I am in Taiwan, and the internet service really sucks. I can do a speed test from my ISP, hinet.net, and get the 8 Mbps they say they are providing. If I try the DSL speed tests from the servers in San Francisco or Los Angeles, I get, if I am lucky, 1 Mbps. I have noticed that most of the time is waiting while looking up the site. Got some IP addresses of those sites, and enter them in the web browser, and it goes about 10 times or more faster. It appears most of the time is for DNS lookup.
Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.
Art
First try to disable the IPv6 DNS lookup. If your ISP does not provide it, this is the behaviour you will see. There was an article on novell.com how to do this.

--
Svetoslav Milenov (Sunny)
Windows is a 32-bit extension to a 16-bit graphical shell for an 8-bit operating system originally coded for a 4-bit microprocessor by a 2-bit company that can't stand 1 bit of competition.
On Fri, 2006-09-29 at 08:23 +0800, Art Fore wrote:
Hi All
I am in Taiwan, and the internet service really sucks. I can do a speed test from my ISP, hinet.net, and get the 8 Mbps they say they are providing. If I try the DSL speed tests from the servers in San Francisco or Los Angeles, I get, if I am lucky, 1 Mbps.
Art, I'm guessing you're used to being in North America or UK/Europe (I'm basing the rest of my post on this assumption), and accessing sites that are mostly hosted in N. America, the UK or Europe. There is good trans-Atlantic bandwidth, but the connections between the rest are not so great. You'll probably find that Taiwanese websites (and probably Chinese/Japanese sites too) will be quick. The far east is connected to the west, mostly, by the SAT3 cable, which runs all the way around Africa. From where I'm sitting (South Africa), access to websites hosted in the Far East is nothing spectacular. If you're getting 1mbit between east and west, that's very good.

Hans
On Friday 29 September 2006 02:23, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.
There's no need to set that up. Simply edit /etc/hosts and enter the IPs and hostnames there. That will eliminate the lookup times (or reduce them to a couple of microseconds).

--
stephan@s11n.net http://s11n.net
"...pleasure is a grace and is not obedient to the commands of the will." -- Alan W. Watts
On Thursday 28 September 2006 14:21, stephan beal wrote:
On Friday 29 September 2006 02:23, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.
There's no need to set that up. Simply edit /etc/hosts and enter the IPs and hostnames there. That will eliminate the lookup times (or reduce them to a couple of microseconds).
Oh, come on Stephan... Presumably the guy wants to surf more than a few web sites. The hosts suggestion is not an answer. -- _____________________________________ John Andersen
On Friday 29 September 2006 06:01, John Andersen wrote:
On Thursday 28 September 2006 14:21, stephan beal wrote:
There's no need to set that up. Simply edit /etc/hosts and enter the IPs and hostnames there. That will eliminate the lookup times (or reduce them to a couple of microseconds).
Oh, come on Stephan... Presumably the guy wants to surf more than a few web sites. The hosts suggestion is not an answer.
i can always count on John Andersen to counter every post i send, simply out of principle. It's not the countering which bugs me, but the predictable condescension certainly does. The OP suggested that he has a handful of sites for which he has IPs:
If I try the DSL speed tests from the servers in San Francisco or Los Angeles,
"the servers" implies a small, known set. If that is indeed the case, the hosts file is an acceptable solution. Obviously it's not manageable for a large number of hosts, nor for hosts which get served from a pool (e.g., google.com). -- ----- stephan@s11n.net http://s11n.net "...pleasure is a grace and is not obedient to the commands of the will." -- Alan W. Watts
The Friday 2006-09-29 at 08:23 +0800, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so,
Not for the speed test, I think: it should not involve name look up. Otherwise, maybe.
does anyone have any guidance in doing this?
Just install the named package from SuSE, it will do caching without configuring anything (just the forwarders), unless they changed it.

--
Cheers,
       Carlos E. R.
On Fri, 2006-09-29 at 02:14 +0200, Carlos E. R. wrote:
The Friday 2006-09-29 at 08:23 +0800, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so,
Not for the speed test, I think: it should not involve name look up. Otherwise, maybe.
does anyone have any guidance in doing this?
Just install the named package from SuSE, it will do caching without configuring anything (just the forwarders), unless they changed it.
I had been thinking about doing this as well. I checked and there doesn't seem to be a named package. Instead, named is part of the bind package. So it seems bind is what needs to be installed.

Rick

--
Rick's Law: What cannot be imagined will be accomplished by a fool.
PGP Key Id: 9E1125E0
On Fri, 2006-09-29 at 10:29 -0400, Rick Friedman wrote:
On Fri, 2006-09-29 at 02:14 +0200, Carlos E. R. wrote:
The Friday 2006-09-29 at 08:23 +0800, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so,
Not for the speed test, I think: it should not involve name look up. Otherwise, maybe.
does anyone have any guidance in doing this?
Just install the named package from SuSE, it will do caching without configuring anything (just the forwarders), unless they changed it.
I had been thinking about doing this as well. I checked and there doesn't seem to be a named package. Instead, named is part of the bind package. So it seems bind is what needs to be installed.
Rick
nscd is the service name and is different from named. t o n y
The Friday 2006-09-29 at 10:42 -0400, Tony Nichols wrote:
I had been thinking about doing this as well. I checked and there doesn't seem to be a named package. Instead, named is part of the bind package. So it seems bind is what needs to be installed.
That's right, I forgot that detail.
nscd is the service name and is different from named.
No, nscd is the name service cache daemon, and it is a very different thing. It is configured via /etc/nscd.conf.

Package bind contains the "named" daemon, which is what we are looking for.

--
Cheers,
       Carlos E. R.
On Friday 29 September 2006 13:10, Carlos E. R. wrote:
The Friday 2006-09-29 at 10:42 -0400, Tony Nichols wrote:
I had been thinking about doing this as well. I checked and there doesn't seem to be a named package. Instead, named is part of the bind package. So it seems bind is what needs to be installed.
That's right, I forgot that detail.
nscd is the service name and is different from named.
No, nscd is the name service cache daemon, and it is a very different thing. It is configured via /etc/nscd.conf.
Package bind contains the "named" daemon, which is what we are looking for.
Hi Carlos,

I've tried 'man' and 'info' and Google... spent probably a half hour now looking for a succinct, functional description of the differences between nscd and named, i.e. which does what?... to no avail. Would you please elaborate a little?

Thanks!

Carl
* Carl Hartung
I've tried 'man' and 'info' and Google... spent probably a half hour now looking for a succinct, functional description of the differences between nscd and named, i.e. which does what?... to no avail. Would you please elaborate a little?
:^), I'm not Carlos, but:

named is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035.
http://www.die.net/doc/linux/man/man8/named.8.html

NAME
    /usr/sbin/nscd - name service cache daemon
DESCRIPTION
    Nscd is a daemon that provides a cache for the most common name service requests. The default configuration file, /etc/nscd.conf, determines the behavior of the cache daemon. See nscd.conf(5).

ie: named is a server which looks up hostnames and nscd is a caching daemon which remembers recently used hostnames->ip_addresses (I would think similarly to /etc/host where you could put frequently used addresses).

:^) at least as I read ....

--
Patrick Shanahan
Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org
HOG # US1244711
Photo Album: http://wahoo.no-ip.org/gallery2
On Friday 29 September 2006 15:33, Patrick Shanahan wrote:
* Carl Hartung
[09-29-06 14:56]: I've tried 'man' and 'info' and Google... spent probably a half hour now looking for a succinct, functional description of the differences between nscd and named, i.e. which does what?... to no avail. Would you please elaborate a little?
:^), I'm not Carlos, but:
named
is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035.
http://www.die.net/doc/linux/man/man8/named.8.html
NAME /usr/sbin/nscd - name service cache daemon DESCRIPTION Nscd is a daemon that provides a cache for the most common name service requests. The default configuration file, /etc/nscd.conf, determines the behavior of the cache daemon. See nscd.conf(5).
ie: named is a server which looks up hostnames and nscd is a caching daemon which remembers recently used hostnames->ip_addresses (I would think similarly to /etc/host where you could put frequently used addresses).
:^) at least as I read ....
Thanks, Patrick! Sometimes it takes just a 'nudge' to get over these humps. I was overlooking the proactive query component of the DNS "server" which is, at least contextually, a 'client' of sorts.

regards,

Carl
On Fri, 29 Sep 2006, Patrick Shanahan wrote:
* Carl Hartung <> [09-29-06 14:56]:
I've tried 'man' and 'info' and Google... spent probably a half hour now looking for a succinct, functional description of the differences between nscd and named, i.e. which does what?... to no avail. Would you please elaborate a little?
:^), I'm not Carlos, but:
:-) ...
ie: named is a server which looks up hostnames and nscd is a caching daemon which remembers recently used hostnames->ip_addresses (I would think similarly to /etc/host where you could put frequently used addresses).
But, and that's why I pointed to the configuration file, it's used only for the passwd, group, and hosts files, nothing more. It does not cache internet names, unless listed in the hosts file. The name of the nscd is misleading.

In fact, the man page says as much in the second paragraph:

    Nscd provides caching for accesses of the passwd(5), group(5), and hosts(5) databases through standard libc interfaces, such as getpwnam(3), getpwuid(3), getgrnam(3), getgrgid(3), gethostbyname(3), and others.

man pages are, let's say, mandatory reading, but not easy reading, IMO. They are more like a quick way to remember what one already knows but needs refreshing.

Thus, for a real internet name cache thing, we need named from bind. As it comes in the rpm, without doing anything, it already works in that manner. We only need to edit /etc/named.conf, find the "forwarders" line, and put there our ISP DNSs.

--
Cheers,
       Carlos E. R.
On Friday 29 September 2006 19:21, Carlos E. R. wrote:
Thus, for a real internet name cache thing, we need named from bind. As it comes in the rpm, without doing anything, it already works in that manner. We only need to edit /etc/named.conf, find the "forwarders" line, and put there our ISP DNSs.
Thanks for the interpretation and clarification, Carlos!

Carl
On Friday 29 September 2006 19:21, Carlos E. R. wrote:
Thus, for a real internet name cache thing, we need named from bind. As it comes in the rpm, without doing anything, it already works in that manner. We only need to edit /etc/named.conf, find the "forwarders" line, and put there our ISP DNSs.
Addendum:

Added my ISP's DNS server IP addresses to /etc/named.conf

    # The forwarders record contains a list of servers to which queries
    # should be forwarded. Enable this line and modify the IP address to
    # your provider's name server. Up to three servers may be listed.
    forwarders { 4.2.2.1; 4.2.2.2; };

However, 'rcnamed start' elicits:

    linux:/etc # rcnamed start
    Starting name server BIND /etc/named.d/forwarders.conf:7: 'forwarders' redefined near 'forwarders'
    skipped
    linux:/etc #

What have I missed?

Thanks!

Carl
The Friday 2006-09-29 at 19:44 -0400, Carl Hartung wrote:
Added my ISP's DNS server IP addresses to /etc/named.conf
    # The forwarders record contains a list of servers to which queries
    # should be forwarded. Enable this line and modify the IP address to
    # your provider's name server. Up to three servers may be listed.
    forwarders { 4.2.2.1; 4.2.2.2; };
However, 'rcnamed start' elicits:
    linux:/etc # rcnamed start
    Starting name server BIND /etc/named.d/forwarders.conf:7: 'forwarders' redefined near 'forwarders'
    skipped
    linux:/etc #
What have I missed?
Dunno... it works for me, in "/etc/named.conf":

    options {
        directory "/etc/named";
        interface-interval 0;
        forward first;
        forwarders { 1.2.3.4; 1.2.3.5; };
    };

But I don't have a "/etc/named.d/forwarders.conf" file. My configuration is older and inherited from a previous suse install.

--
Cheers,
       Carlos E. R.
On Friday 29 September 2006 19:55, Carlos E. R. wrote:
options { directory "/etc/named"; interface-interval 0; forward first;
Under 10.0, 'forward first' is set in the section below the DNS IPs.
But I don't have a "/etc/named.d/forwarders.conf" file. My configuration is older and inherited from a previous suse install.
I investigated /etc/named.d/forwarders.conf and the forwarding line there was empty of IPs but also *not* commented out. I commented the line out and 'rcnamed start' worked.

Thanks!

Carl
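The startup failure resolved above came from two active `forwarders` statements, one in /etc/named.conf and one in /etc/named.d/forwarders.conf. The following check is an added example, not part of the original thread or of BIND or SUSE tooling: it follows `include` lines and reports every active `forwarders` statement after the first, plus empty lists. The sample files are constructed from the snippets quoted in the thread, and the `include` line that pulls in forwarders.conf is an assumption.

```python
import re

# Constructed sample files modelled on the snippets quoted in the thread.
# Assumption: forwarders.conf is pulled in through an include directive.
SAMPLE_FILES = {
    "/etc/named.conf": """\
options {
    # your provider's name server. Up to three servers may be listed.
    forwarders { 4.2.2.1; 4.2.2.2; };
    forward first;
    include "/etc/named.d/forwarders.conf";
};
""",
    "/etc/named.d/forwarders.conf": """\
# Forwarders file for PPPD updates (only)
#
# /etc/named.d/forwarders.conf
forwarders ;
""",
}

COMMENT = re.compile(r"/\*.*?\*/|#[^\n]*|//[^\n]*", re.S)
INCLUDE = re.compile(r'\binclude\s+"([^"]+)"\s*;')
FORWARDERS = re.compile(r"\bforwarders\b\s*(\{[^}]*\})?\s*;")


def strip_comments(text):
    # Blank out comments but keep newlines so reported line numbers stay right.
    # Simplification: comment markers inside quoted strings are not handled.
    return COMMENT.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), text)


def find_forwarders(path, files, seen=None):
    """Return [(file, line, addresses)] for each active forwarders statement,
    in reading order, following include directives.
    Simplification: block scope is ignored, so per-zone forwarders count too."""
    seen = seen if seen is not None else set()
    if path in seen or path not in files:
        return []
    seen.add(path)
    text = strip_comments(files[path])
    events = []
    for m in FORWARDERS.finditer(text):
        addrs = re.findall(r"[0-9A-Fa-f:.]+", m.group(1) or "")
        line = text.count("\n", 0, m.start()) + 1
        events.append((m.start(), [(path, line, addrs)]))
    for m in INCLUDE.finditer(text):
        events.append((m.start(), find_forwarders(m.group(1), files, seen)))
    return [hit for _, hits in sorted(events, key=lambda e: e[0]) for hit in hits]


def check(path, files):
    """Return human-readable problems: redefinitions and empty lists."""
    hits = find_forwarders(path, files)
    problems = []
    for f, line, _ in hits[1:]:
        first = f"{hits[0][0]}:{hits[0][1]}"
        problems.append(f"{f}:{line}: 'forwarders' redefined (first at {first})")
    for f, line, addrs in hits:
        if not addrs:
            problems.append(f"{f}:{line}: forwarders list is empty")
    return problems


if __name__ == "__main__":
    print("\n".join(check("/etc/named.conf", SAMPLE_FILES)) or "no problems found")
```

To run it against a real system, build the `files` dictionary by reading /etc/named.conf and each file it includes.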
The Friday 2006-09-29 at 20:09 -0400, Carl Hartung wrote:
I investigated /etc/named.d/forwarders.conf and the forwarding line there was empty of IPs but also *not* commented out. I commented the line out and 'rcnamed start' worked.
If you don't have a forwarders configuration, it means you are asking (and loading) the root servers, and that is not convenient. It is better to ask first your isp dns (or any other dns that works), and only if they fail, then query the root servers.

Anyhow, the second time you need that name, the query will be local to your machine.

--
Cheers,
       Carlos E. R.
On Saturday 30 September 2006 10:23, Carlos E. R. wrote:
The Friday 2006-09-29 at 20:09 -0400, Carl Hartung wrote:
I investigated /etc/named.d/forwarders.conf and the forwarding line there was empty of IPs but also *not* commented out. I commented the line out and 'rcnamed start' worked.
If you don't have a forwarders configuration, it means you are asking (and loading) the root servers, and that is not convenient. It is better to ask first your isp dns (or any other dns that works), and only if they fail, then query the root servers. Anyhow, the second time you need that name, the query will be local to your machine.
But I *do* have a forwarders configuration (and a reminder this is a 10.0 system):

From /etc/named.conf:

    # The forwarders record contains a list of servers to which queries
    # should be forwarded. Enable this line and modify the IP address to
    # your provider's name server. Up to three servers may be listed.
    forwarders { 4.2.2.1; 4.2.2.2; };

    # Enable the next entry to prefer usage of the name server declared in
    # the forwarders section.
    forward first;

I also commented out the final line in /etc/named.d/forwarders, as follows:

    # Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
    # All rights reserved.
    # Forwarders file for PPPD updates (only)
    #
    # /etc/named.d/forwarders.conf
    #forwarders ;

I did this because a) named wouldn't start with the default, and b) I interpreted "Forwarders file for PPPD updates (only)" to mean it applies only to dial-up networking and I'm on DSL.

Are you saying I should, instead, copy the line as it appears in named.conf?

Thanks!

Carl
The Saturday 2006-09-30 at 11:29 -0400, Carl Hartung wrote:
forwarders { 4.2.2.1; 4.2.2.2; };
I thought you had commented out this ^ line above. I knew nothing about the other one below:
#forwarders ;
Are you saying I should, instead, copy the line as it appears in named.conf?
It was a misunderstanding.

--
Cheers,
       Carlos E. R.
On Saturday 30 September 2006 12:26, Carlos E. R. wrote:
The Saturday 2006-09-30 at 11:29 -0400, Carl Hartung wrote:
forwarders { 4.2.2.1; 4.2.2.2; };
I thought you had commented out this ^ line above. I knew nothing about the other one below:
#forwarders ;
Are you saying I should, instead, copy the line as it appears in named.conf?
It was a misunderstanding.
Thanks for clarifying that, Carlos, now I feel better! ;-) Carl
On Thursday 28 September 2006 16:23, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.
Art
Yeah, just install named. It's drop dead simple.

Note: You don't HAVE to use the local dns servers. You can set up your dhcp server to NOT update resolv.conf and encode your own dns servers in there. All you need is the IP of a good fast DNS server somewhere that you can reach.

I frequently cheat and use whidbey.net's dns servers because they are way faster than the ones my ISP supplies.

ns.whidbey.net 209.166.65.1 (Seattle).

--
John Andersen
First of all, thanks to everyone who answered and gave input. I have not answered before because I upgraded the ASUS motherboard that I have been having problems with to a MSI with Dual core 3800+ athlon dual core processor. (I plan on running windows in a Xen virtual machine under Suse. That is the next step.) Nice improvement, but that is beside the point.

I added the DNS server noted below as the primary name server in the network card setup. It drastically helps the DNS wait problem I had. Citibank online banking many times timed out before finding the server. Now, it is just a few seconds. No improvement in DSL tests as you would expect though. Right now, I am getting about 400Kbps upload and download. Speed is very time sensitive. Evenings are 2 to 5 times slower than early in the morning.

Art

On Thu, 2006-09-28 at 20:19 -0800, John Andersen wrote:
On Thursday 28 September 2006 16:23, Art Fore wrote:
Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.
Art
Yeah, just install named. It's drop dead simple.
Note: You don't HAVE to use the local dns servers. You can set up your dhcp server to NOT update resolv.conf and encode your own dns servers in there. All you need is the IP of a good fast DNS server somewhere that you can reach.
I frequently cheat and use whidbey.net's dns servers because they are way faster than the ones my ISP supplies.
ns.whidbey.net 209.166.65.1 (Seattle).
Art Fore wrote:
Hi All
I am in Taiwan, and the internet service really sucks. I can do a speed test from my ISP, hinet.net, and get the 8 Mbps they say they are providing. If I try the DSL speed tests from the servers in San Francisco or Los Angeles, I get, if I am lucky, 1 Mbps. I have noticed that most of the time is waiting while looking up the site. Got some IP addresses of those sites, and enter them in the web browser, and it goes about 10 times or more faster. It appears most of the time is for DNS lookup.
Now my Question. Would setting up a caching DNS server help this situation and if so, does anyone have any guidance in doing this? I have checked out the DNS setup, etc. before, and find it very confusing, so any help would be greatly appreciated.
A caching DNS server would help in obtaining an address, only if you've previously gone to that address within the cache time.
participants (11)
- Art Fore
- Carl Hartung
- Carlos E. R.
- Hans du Plooy
- James Knott
- John Andersen
- Patrick Shanahan
- Rick Friedman
- stephan beal
- Sunny
- Tony Nichols