DNS lookup is slow but only in terminal (linux)

1

0

It seems I have a DNS problem, although I'm not really sure.

When browsing the internet, everything is fast and fine. But when using a terminal, things start getting weird.

When I ping www.google.com, I have a good return time, but every request takes a lot of time (around 7-8 seconds per request). When using ping -n www.google.com or pinging the ip directly, everything is fine. This is related to How to explain low RTT between extremely long (10s) ping intervals? or linux ping not actually sending 1 packet per second.

According to the answers to these questions, it is a DNS issue. But as I said when I'm browsing the internet everything is ok. There is no 8 seconds delay to load a page. This happens only in a terminal. I don't understand how a DNS issue could affect a terminal but not an internet browser.

This wouldn't be a problem, except that I need to frequently update a list of mirrors for downloading software updates (the command is pacman-mirrors, on an Arch computer), and because of the delay, they all time out and consequently updating fails.

I haven't tried it yet, but maybe changing the DNS to Google's would work. However this is more a workaround than a fix, and I feel the problem should be fixed if at all possible.

Thanks for your help.

Baudouin Roullier

Posted 2014-12-02T13:27:20.740

Reputation: 13

I would try changing the DNS server, if that solves the problem then the actual solution is likely out of your control. I suspect that once the entry is cached locally it's no longer slow, the slow down only occurs during external lookup, which only happens when local cache lookup fails. – Tyson – 2014-12-02T14:02:16.833

Answers

1

First guess: Your configured DNS servers are very slow, and you haven't installed any local DNS cache that would work system-wide.

Meanwhile, some web browsers (at least Firefox and Chromium) have internal DNS caching, so they don't send queries often. Chromium sometimes even tries to do DNS lookups before you even click the link, so you never notice the delay.

Use dig or a similar tool to compare various DNS servers:

$ dig www.google.com
...
;; Query time: 1 msec
;; SERVER: 10.35.0.1#53(10.35.0.1)

$ dig www.google.com @193.219.xx.xx
;; Query time: 7 msec
;; SERVER: 193.219.xx.xx#53(193.219.xx.xx)

$ dig www.google.com @8.8.8.8
;; Query time: 47 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)

If only your current server is slow, change it to a faster one. (Sometimes, home gateways tend to have really shitty DNS proxies. Was particularly unlucky with D-Link myself.)

But if all of them are slow, install one that runs locally (acts as a local cache) – Unbound or dnsmasq are good choices. (Of course, it would be interesting to figure out why your network slows down DNS requests so much...)

  • If NetworkManager is used, you can tell it to set up dnsmasq automatically – set dns=dnsmasq in the NetworkManager.conf(5) file. (The latest 0.9.10 release also supports dns=unbound.)

  • To set it up manually, start the appropriate service, and edit /etc/resolv.conf to use 127.0.0.1 as the nameserver.

user1686

Posted 2014-12-02T13:27:20.740

Reputation: 283 655

dig looks useful. So I tried it, and it seems the DNS servers in /etc/resolv.conf do not work.

$ cat /etc/resolv.conf
# Generated by resolvconf
domain soton.ac.uk
nameserver 152.78.3.34
nameserver 152.78.3.35
nameserver 192.168.0.1

$ dig www.google.com @152.78.3.xx
dig: couldn't get address for '152.78.3.xx': not found

Although when I don't specify the @server part, I get:

;; Query time: 389 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)

– Baudouin Roullier – 2014-12-02T15:09:12.913

Ok, I got it wrong in your answer. I thought the "xx" stood for anything... So I get: dig www.google.com @152.78.3.34 ;; connection timed out; no servers could be reached – Baudouin Roullier – 2014-12-02T15:22:20.107

@BaudouinRoullier: Okay, so the first two nameservers belong to the 152.78.0.0/16 Southampton University address range, and will completely ignore "outside" DNS queries. I'm guessing you manually configured them earlier but aren't on the university network right now, so the majority of the delay is caused by the resolver having to wait until the first two attempts time out... (IMHO, it's a poor decision by the university admins; it'd have been better to make those servers reply with "REFUSED" or at least an ICMP error.) – user1686 – 2014-12-02T15:36:51.863

@BaudouinRoullier: The third server, 192.168.0.1, appears to be your current LAN's gateway. It's also problematic, since it takes almost 400ms to reply – if it's nearby, that should be more like 4ms... – user1686 – 2014-12-02T15:38:20.733

I didn't set the nameserver manually. But I often go to the University so it must be set there and not removed when I get home (that is weird though). Is there a way to "update" the list of nameservers? I thought resolvconf -u did that but apparently not. And it should be automatic, I don't know why it is not really working. (btw, I'm having something like 10ms on my LAN's gateway now, that's fine) – Baudouin Roullier – 2014-12-02T20:43:44.213
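
The per-server check worked through in this thread, as an added example that is not part of the original posts: it reads the nameserver lines in resolv.conf order, times a raw UDP query to each, and counts how many silent servers are listed ahead of the first one that answers. The function names and the embedded sample are constructed for illustration; the probe handles IPv4 servers only.

```python
import socket
import struct
import time

# Constructed sample: the resolv.conf contents quoted in the thread.
SAMPLE_RESOLV_CONF = """\
# Generated by resolvconf
domain soton.ac.uk
nameserver 152.78.3.34
nameserver 152.78.3.35
nameserver 192.168.0.1
"""

def parse_nameservers(text):
    """Return nameserver addresses in the order they are listed."""
    rows = (line.split() for line in text.splitlines())
    return [f[1] for f in rows if len(f) >= 2 and f[0] == "nameserver"]

def build_query(name, qid=0x1234):
    """Minimal DNS query for an A record (RFC 1035), recursion desired."""
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def probe(server, name="www.google.com", port=53, timeout=2.0):
    """Reply time in ms from an IPv4 server, or None if silent/unreachable."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.monotonic()
        try:
            sock.sendto(query, (server, port))
            reply, _ = sock.recvfrom(512)
        except OSError:  # timeouts and ICMP errors both land here
            return None
        elapsed_ms = (time.monotonic() - start) * 1000.0
    return elapsed_ms if reply[:2] == query[:2] else None  # ID must match

def check_order(text, prober=probe):
    """Probe each server; count silent ones listed before the first answer."""
    results = [(s, prober(s)) for s in parse_nameservers(text)]
    answered = [i for i, (_, ms) in enumerate(results) if ms is not None]
    return results, (answered[0] if answered else len(results))

if __name__ == "__main__":
    results, silent_first = check_order(open("/etc/resolv.conf").read())
    for server, ms in results:
        print(server, "no reply" if ms is None else f"{ms:.0f} ms")
    print(silent_first, "silent server(s) listed before the first that answers")
```

A non-zero count on the last line means every uncached lookup waits out those servers first, which is the pattern diagnosed in the comments.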