CRC wrote:
> Hi:
>
> Usually everything works, but today I've been noticing sporadic failures
> of DNS resolution while web browsing.
>
> I have a Linksys WRT54G connected to a SBC/Yahoo DSL modem. A pair of
> openSuse 10.3 boxes connect to that. I have had /etc/resolv.conf set to
> the router's IP:
>
> # cat /etc/resolv.conf
> nameserver 192.168.1.1
> domain mydomain.org
>
> The router magically sets up DNS servers through DHCP when it logs into
> SBC. Its status info shows that it's using these DNSs:
>
> DNS 1: 68.94.156.1
> DNS 2: 68.94.157.1
Those are DNS machines used by your Dial-Up provider to enable its customers
to use name resolution; they do not need to be publicly available to
non-customers.
>
> These don't agree with the DNS servers indicated here for SBC/Yahoo DSL:
>
> http://portforward.com/networking/dns.htm
Which might be out-of-date (I found no information on latest activity on
that page).
>
> which are:
>
> 206.13.31.13
> 206.13.28.60
> 206.13.31.5
> 206.13.28.31
>
> When I manually put these into my /etc/resolv.conf, then all my host
> lookups fail:
>
> > host www.americashredding.com
> Host www.americashredding.com.mydomain.org not found: 5(REFUSED)
Same as above, these are for the provider's customers only and if you are
not a customer of SBC/Yahoo DSL (doesn't matter where your modem comes
from, it's important where it connects to) you are not allowed to use them.
>
> When I put in one of the publicly available DNSs from the Portforward
> site, then things work. For ex. using 4.2.2.1:
>
> > host www.americashredding.com
> www.americashredding.com is an alias for americashredding.com.
> americashredding.com has address 66.160.191.230
> americashredding.com mail is handled by 0 americashredding.com.
>
> When I stick the router's DNS IPs into /etc/resolv.conf, it works as well.
Your router does not have its own nameserver. It just forwards DNS requests
to those given to it and forwards answers back to the local machine the
request came from. That's why the router's address in your resolv.conf
works precisely as well as the addresses the router got from your provider.
>
> My question is simply, how to set up a fast and reliable DNS
> configuration in /etc/resolv.conf? Should I fix the ISP's DNS addresses
> in /etc/resolv.conf, or use the router?
Use the router. If your provider chooses to change nameserver addresses for
whatever reason your router will know upon next dial-in. Using the
addresses directly on your hosts you'd have to manually change all your
hosts and at that time the old addresses are most likely out-of-order
(otherwise you wouldn't have noticed if you don't check with your router
regularly).
>
> I would like to use the options:
>
> options timeout:1
>
> and possibly:
>
> options rotate
According to my manpages there are no such options to resolv.conf.
If using your router, your router will figure out a non-responding nameserver
and use the next. Usually the provider publishes the best and fastest
nameserver first and the second address is just an (anyway required)
fallback if the first one should fail.
If not using your router, your system's resolver will act the same way, so it's
just a faster processor doing the same task. But the bottleneck here is
your network connection and speed of nameservers so it won't do you any
good.
>
> with a list of 3 nameservers in order to speed resolution in case one is
> sluggish. Is it best to omit the rotate option? I suppose that would
> depend on whether you know one server is usually fastest, then rather
> than load balancing, just putting that first without rotate would give
> best performance.
If your provider is not completely braindead - okay, bad suggestion, there
are a lot of criminally braindead providers out there - the first
nameserver given by the provider should be fastest.
>
> Another question is: Is it best to use the ISP's internal DNS servers
> for best performance, or might publicly known servers also perform
> well? Is there a way to benchmark server performance, and would such a
> measurement mean anything for future resolutions?
Nameservers use caching. Thus if a nameserver was asked for an IP address it
caches the answer as long as it could, using information provided by the
domain the IP belongs to. The main difference between your provider's
nameservers and publicly available ones is a longer route - you most
certainly need to leave your provider's network and traverse a number of
other networks before reaching a public nameserver. This slows down your
requests.
Best chance with publicly available nameservers is when they use better
hardware and lots and lots and lots of more RAM so old requests have not
vanished from their caches before the request's caching time was up anyway.
But then your provider's nameservers may also have a huge amount of RAM and
may not receive as many requests as a public nameserver so their caches
last longer.
If you suffer from regular long waiting times before a request is answered
(Firefox says something like "Finding www.whatever.com...." in its status
bar, _not_ "Connecting to www.whatever.com...") you can as well try with a
public nameserver. My experience showed that it's not the nameserver which
slows down browsing but webservers which do not answer fast...
Hope that helps.
Felix
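
The benchmarking question raised in the thread, as an added example that is not part of the original posts: a Python script that sends one A query over UDP to each nameserver address quoted above, twice, and reports the reply code (such as the REFUSED seen in the thread) and the round-trip time, so the second figure reflects the server's cache. The function names and the 2-second timeout are assumptions made for this example.

```python
import random
import socket
import struct
import time

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=None):
    """Return (id, packet) for a recursive A/IN query for name."""
    qid = random.randrange(65536) if qid is None else qid
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return qid, header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(packet, qid):
    """Return (rcode name, answer count); raise ValueError on a bad reply."""
    if len(packet) < 12:
        raise ValueError("short packet")
    rid, flags, _qd, ancount = struct.unpack("!HHHH", packet[:8])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    return RCODES.get(rcode, str(rcode)), ancount

def time_query(server, name, timeout=2.0):
    """Send one UDP query; return (status, answers, milliseconds)."""
    qid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        try:
            s.sendto(packet, (server, 53))
            reply, _ = s.recvfrom(512)
            status, answers = parse_reply(reply, qid)
        except (OSError, ValueError) as exc:  # timeout, unreachable, bad reply
            status, answers = "FAIL(%s)" % type(exc).__name__, 0
        return status, answers, (time.monotonic() - start) * 1000

if __name__ == "__main__":
    # Server addresses are the ones quoted in the thread; each name is asked
    # twice so the second figure shows the effect of the server's cache.
    for server in ("192.168.1.1", "68.94.156.1", "206.13.31.13", "4.2.2.1"):
        for attempt in ("first", "repeat"):
            status, answers, ms = time_query(server, "www.americashredding.com")
            print("%-14s %-6s %-16s answers=%d %7.1f ms"
                  % (server, attempt, status, answers, ms))
```

A single pair of timings says little; repeating the run with several names at different times of day gives a fairer comparison between servers.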