[afnog] Decreasing Access Time to Root Servers DNS by Running One on Loopback
Nishal Goburdhan
nishal at controlfreak.co.za
Sat Dec 19 19:11:38 UTC 2015
On 17 Dec 2015, at 1:42, Phil Regnauld wrote:
> Nishal Goburdhan (nishal) writes:
>> but, my point, was that you’re likely to get better performance
>> from
>> your ISP’s larger cache (by virtue of it simply having more
>> customers to populate this cache) vs. you, as an individual, using
>> your own server.
>
> I'd like to see data to back that up - not saying it's not
> likely, but I'd like to see real measurements :)

well, a more scientific experiment will take time. but here’s some
quick and dirty results:

nishal@admin:~ % dig a www.cisco.com @168.210.2.2
[snip]
;; Query time: 20 msec
;; SERVER: 168.210.2.2#53(168.210.2.2)
;; WHEN: Thu Dec 17 07:31:05 SAST 2015

nishal@admin:~ % dig a www.cisco.com @localhost
[snip]
;; Query time: 1320 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Dec 17 07:31:14 SAST 2015

* 168.210.2.2 and 2c0f:fc00:53:53::53 = my ISP’s anycast dns servers,
that presumably have n*10,000 users
* 196.36.80.186 and 2c0f:fc00:a000:1010::186 = home dns server, that has
about 40 clients (or so says my router’s arp table)

tarball, with more results, (which the list would normally strip) sent
separately and off-list.

>> but as dns-admin of a large network, optimising
>> dns performance *is* likely to be a concern for you, since, dns is
>> the starting step to most end-user services. heck, do operators
>> still pre-cache? :-)
>
> What, DNS queries ?

yes, dns queries. when TTLs were still 1537-like, pre-caching saved you
precious milliseconds, especially if you’re at the bottom of the
world, and other things weren’t. there are still many places where
this is true (see mtinka’s message about low-latency).

> RFC violation, but heck, you don't ever want fbcdn.net and google.com
> to hit 0 :D

sorry, i should have been clearer.
i didn’t mean fudging your named.conf; i meant a little script like
“for i in `cat cctld-list` ; do dig ns $i ; done” iterating against
your name-servers. (or replace “cctld-list” with
“relevant-domain-list”)
in a previous life, that’s what i’d do to pre-populate dns caches at
5.27am daily. no-one seemed to complain :-)

—n.
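
The pre-population loop described in the message above, expanded into a script that also reports first-versus-second query time per name, as an added example that is not part of the original post. The `DIG` override variable, the function names and the one-name-per-line list format are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): warm resolver caches from a
# domain list and show first-vs-second query time for each name.
# Assumptions: list file has one name per line; DIG may be overridden.
DIG="${DIG:-dig}"

# query_time RESOLVER NAME: print dig's reported query time in msec, or "fail".
query_time() {
    out=$("$DIG" +tries=1 +time=3 ns "$2" "@$1" 2>/dev/null </dev/null) || {
        echo fail
        return 0
    }
    ms=$(printf '%s\n' "$out" |
        sed -n 's/^;; Query time: \([0-9][0-9]*\) msec.*/\1/p' | head -n 1)
    echo "${ms:-fail}"
}

# warm_cache LISTFILE RESOLVER...: query every name twice against each
# resolver and print "resolver name first_ms second_ms".
warm_cache() {
    list=$1
    shift
    for resolver in "$@"; do
        while IFS= read -r name; do
            case $name in
                '' | '#'*) continue ;;   # blank line or comment
                [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*)
                    # dig treats +x, -x and @x as options: never pass them on
                    echo "skipping invalid name: $name" >&2
                    continue ;;
            esac
            first=$(query_time "$resolver" "$name")
            second=$(query_time "$resolver" "$name")
            printf '%s %s %s %s\n' "$resolver" "$name" "$first" "$second"
        done < "$list"
    done
}

# Stand-alone use: ./warm.sh cctld-list 168.210.2.2 127.0.0.1
if [ "$#" -ge 2 ]; then
    warm_cache "$@"
fi
```

A large gap between the two columns for a resolver means the name was not cached there before the run; equal small values mean it already was.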