[squid-users] Bizarrely slow, timing out DNS only via Squid 😖
Dan Charlesworth
dan at getbusi.com
Thu Mar 3 07:08:47 UTC 2016
Here we go:
# time dig -x 10.100.128.1
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6 <<>> -x 10.100.128.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11319
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;1.128.100.10.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
10.in-addr.arpa. 86400 IN SOA localhost. root.localhost. 1 604800 86400 2419200 86400
;; Query time: 32 msec
;; SERVER: 192.231.203.3#53(192.231.203.3)
;; WHEN: Thu Mar 3 18:07:21 2016
;; MSG SIZE rcvd: 93
real 0m0.037s
user 0m0.003s
sys 0m0.001s
> On 3 Mar 2016, at 5:44 PM, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
>
> can you try the next command:
> dig -x 10.100.128.1
>
> Eliezer
>
> On 03/03/2016 08:04, Dan Charlesworth wrote:
>> Like this:
>>
>> # time nslookup httpbin.org
>> Server: 192.231.203.3
>> Address: 192.231.203.3#53
>>
>> Non-authoritative answer:
>> Name: httpbin.org
>> Address: 54.175.222.246
>>
>> real 0m0.026s
>> user 0m0.001s
>> sys 0m0.004s
>>
>>
>> # time dig httpbin.org
>>
>> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6 <<>> httpbin.org
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44477
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
>>
>> ;; QUESTION SECTION:
>> ;httpbin.org. IN A
>>
>> ;; ANSWER SECTION:
>> httpbin.org. 577 IN A 54.175.222.246
>>
>> ;; AUTHORITY SECTION:
>> httpbin.org. 6161 IN NS ns-769.awsdns-32.net.
>> httpbin.org. 6161 IN NS ns-1074.awsdns-06.org.
>> httpbin.org. 6161 IN NS ns-410.awsdns-51.com.
>> httpbin.org. 6161 IN NS ns-1756.awsdns-27.co.uk.
>>
>> ;; ADDITIONAL SECTION:
>> ns-410.awsdns-51.com. 9966 IN A 205.251.193.154
>> ns-769.awsdns-32.net. 13639 IN A 205.251.195.1
>> ns-1074.awsdns-06.org. 11459 IN A 205.251.196.50
>> ns-1756.awsdns-27.co.uk. 11489 IN A 205.251.198.220
>>
>> ;; Query time: 21 msec
>> ;; SERVER: 192.231.203.3#53(192.231.203.3)
>> ;; WHEN: Thu Mar 3 17:03:04 2016
>> ;; MSG SIZE rcvd: 246
>>
>> real 0m0.026s
>> user 0m0.004s
>> sys 0m0.001s
>>
>>
>>> On 3 Mar 2016, at 4:55 PM, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
>>>
>>> Hey Dan,
>>>
>>> What dig+nslookup queries did you tested for?
>>>
>>> Eliezer
>>>
>>> On 03/03/2016 07:39, Dan Charlesworth wrote:
>>>> Right now we have 1 squid box (out of a lot), running 3.5.13, which does something like this for every request, taking about 10 seconds:
>>>>
>>>> 2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1794) idnsPTRLookup: idnsPTRLookup: buf is 43 bytes for 10.100.128.1, id = 0x733a
>>>> 2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1745) idnsALookup: idnsALookup: buf is 29 bytes for httpbin.org, id = 0x8528
>>>> 2016/03/03 16:30:48.883 kid1| 78,3| dns_internal.cc(1683) idnsSendSlaveAAAAQuery: buf is 29 bytes for httpbin.org, id = 0x69c2
>>>> 2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>>>> 2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 93 bytes from 192.231.203.132:53
>>>> 2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x733a, -3 answers
>>>> 2016/03/03 16:30:48.884 kid1| 78,3| dns_internal.cc(1195) idnsGrokReply: idnsGrokReply: error Name Error: The domain name does not exist. (3)
>>>> 2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>>>> 2016/03/03 16:30:53.884 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns0 QID 0x69c2: timeout
>>>> 2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>>>> 2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 110 bytes from 172.16.100.4:53
>>>> 2016/03/03 16:30:53.885 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x69c2, 0 answers
>>>> 2016/03/03 16:30:58.885 kid1| 78,3| dns_internal.cc(1384) idnsCheckQueue: idnsCheckQueue: ID dns8 QID 0x8528: timeout
>>>> 2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1277) idnsRead: idnsRead: starting with FD 7
>>>> 2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1323) idnsRead: idnsRead: FD 7: received 246 bytes from 172.16.100.5:53
>>>> 2016/03/03 16:30:58.886 kid1| 78,3| dns_internal.cc(1130) idnsGrokReply: idnsGrokReply: QID 0x8528, 1 answers
>>>>
>>>> AND YET, every nslookup or dig done at the command line on the same server is lightning fast. I’ve tried local and ISP-level DNS servers and get the same result.
>>>>
>>>> What could be going on here?
>>>>
>>>
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list