| View previous topic :: View next topic |
| Author |
Message |
rev138
l33t
Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA
|
 Posted: Wed Feb 04, 2004 1:26 pm Post subject: Ping times are fine, but results are SLOOOOOOOOW. |
 |
|
I'm having a strange issue that doesn't seem to be addressed on any other threads.
I'm running a gentoo workstation which gets its DNS resolution from a Win2k server. All net traffic responds speedily (ssh, ftp, www, etc), except for ping/traceroute.
If I ping a hostname on the network (I can't ping external addresses, it's a closed network), it resolves the IP almost instantly, but then it takes up to 30-40 seconds for each ping result to display. The ping times retuned are generally < 0.5ms, which is fine... but I can almost make a sandwich and eat it in the time it takes to ping a host 10 times! 
Some related(?) notes:
* If the hostnames are defined in /etc/hosts there is NO slowdown at all.
* I have a laptop running gentoo on this network with the same exact problem.
* none of the windows (any version) workstations on the network have this trouble.
Here's what my resolv.conf looks like:
| Code: |
domain mydomain.net
nameserver 194.1.8.25
search win.mydomain.net
|
Any ideas?
Thanks in advance!  |
|
| Back to top |
|
 |
ckdake
l33t
Joined: 10 Apr 2003
Posts: 889
Location: Atlanta, GA
|
| Posted: Wed Feb 04, 2004 3:06 pm Post subject: |
|
|
how fast are DNS lookups manually? ie | Code: | $dig -x 194.1.8.something
$dig hostname |
and have you tried using differently sized ping packets?
_________________
http://ckdake.com/ |
|
| Back to top |
|
|
rev138
l33t
Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA
|
| Posted: Wed Feb 04, 2004 3:15 pm Post subject: |
|
|
Here's what I get. I haven't tried different sized packets, but I don't see how this would make a difference?
| Code: |
bash-2.05b$ dig -x 194.1.5.7
; <<>> DiG 9.2.2 <<>> -x 194.1.5.7
;; global options: printcmd
;; connection timed out; no servers could be reached
|
| Code: |
bash-2.05b$ dig hallsvr2
; <<>> DiG 9.2.2 <<>> hallsvr2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 17404
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;hallsvr2. IN A
;; Query time: 15 msec
;; SERVER: 194.1.8.25#53(194.1.8.25)
;; WHEN: Wed Feb 4 10:18:07 2004
;; MSG SIZE rcvd: 26
|
|
|
| Back to top |
|
|
rev138
l33t
Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA
|
| Posted: Wed Feb 04, 2004 3:20 pm Post subject: |
|
|
Here's a ping result for that server (the ping times are several ms each, since they're over a partial T1, not on the LAN)
| Code: |
PING hallsvr2.win.howardcenter.net (194.1.5.7) 56(84) bytes of data.
64 bytes from 194.1.5.7: icmp_seq=1 ttl=126 time=7.96 ms
64 bytes from 194.1.5.7: icmp_seq=2 ttl=126 time=7.91 ms
64 bytes from 194.1.5.7: icmp_seq=3 ttl=126 time=9.27 ms
64 bytes from 194.1.5.7: icmp_seq=4 ttl=126 time=8.07 ms
64 bytes from 194.1.5.7: icmp_seq=5 ttl=126 time=7.93 ms
--- hallsvr2.win.howardcenter.net ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time [b][red]45703ms[/b][/red]
rtt min/avg/max/mdev = 7.919/8.234/9.276/0.526 ms
|
Note that it took almost 46 seconds to complete 5 pings. |
|
| Back to top |
|
|
ckdake
l33t
Joined: 10 Apr 2003
Posts: 889
Location: Atlanta, GA
|
| Posted: Wed Feb 04, 2004 3:44 pm Post subject: |
|
|
| Quote: | ; <<>> DiG 9.2.2 <<>> -x 194.1.5.7
;; global options: printcmd
;; connection timed out; no servers could be reached
|
means that it cant get to your DNS Server (for a reverse lookup) and | Quote: | ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 17404
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
|
means that the DNS server didn't give you an ipaddress.
Do the ping replies coming in happen right after eachother and it just takes a while for the first one to come in?
The packet size thing is just a guess. sometimes weird things happen. I was at a convention and everything was acting really weird, much like what is happening with your setup. We used larger ping packets and they all were being dropped by one router that was just taking its sweet time letting through smaller packets. We replaced the router and everything was back to normal.
_________________
http://ckdake.com/ |
|
| Back to top |
|
|
rev138
l33t
Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA
|
| Posted: Wed Feb 04, 2004 3:55 pm Post subject: |
|
|
| ckdake wrote: | | Do the ping replies coming in happen right after eachother and it just takes a while for the first one to come in? |
No... there's a long lag between each ping. I have a hard time beleiving this is a DNS issue, because ping comes up with the IP for a hostname immediately.
It makes no sense to me.  |
|
| Back to top |
|
|
ckdake
l33t
Joined: 10 Apr 2003
Posts: 889
Location: Atlanta, GA
|
| Posted: Wed Feb 04, 2004 4:04 pm Post subject: |
|
|
how about traceroute? you said it was acting up as well. I'm assuming it just times out and is giving you * * *s but I never asked. heh. Are all of the machines (including the windows one that is working properly) connected to the same networking hardware?
_________________
http://ckdake.com/ |
|
| Back to top |
|
|
rev138
l33t
Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA
|
| Posted: Wed Feb 04, 2004 4:11 pm Post subject: |
|
|
Traceroute gives me this result, but again, it takes a long, long time between each displayed hop. Also, in the case of this command, it puases for about 10 seconds on "traceroute to" before it finishes the rest of that line ("194.1.5.7 (194.1.5.7), 30 hops max, 40 byte packets").
| Code: |
bash-2.05b$ traceroute hallsvr2
traceroute to 194.1.5.7 (194.1.5.7), 30 hops max, 40 byte packets
1 194.1.8.10 (194.1.8.10) 0.897 ms 0.776 ms 0.653 ms
2 194.1.5.10 (194.1.5.10) 10.235 ms 7.555 ms 7.495 ms
3 194.1.5.7 (194.1.5.7) 7.699 ms 12.915 ms 8.226 ms
|
|
|
| Back to top |
|
|
pheelay
Tux's lil' helper
Joined: 06 Nov 2002
Posts: 128
Location: Ireland
|
| Posted: Wed Feb 04, 2004 5:12 pm Post subject: |
|
|
I have this exact problem on my home LAN so I'd greatly appreciate a solution too!! I'm using djbdns on a Gentoo server. I've just ignored the problem because it hasn't caused any network performance issues as I'm defining all the machines in /etc/hosts also.
If I ping by IP, everything is perfect.
If I ping a hostname (not defined in /etc/hosts), ip resolution is instant, but there is approx 30 seconds between each response. Ping reports 0% packet loss.
Windows machines on the same network do not have this problem.
With traceroute it stalls on 'traceroute to' for about 5-10 seconds before completing the line and actually never finds the destination.
| Code: | # traceroute geoff
traceroute to 192.168.0.15 (192.168.0.15), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
# ping 192.168.0.15
PING 192.168.0.15 (192.168.0.15) 56(84) bytes of data.
64 bytes from 192.168.0.15: icmp_seq=1 ttl=128 time=0.226 ms
64 bytes from 192.168.0.15: icmp_seq=2 ttl=128 time=0.218 ms
64 bytes from 192.168.0.15: icmp_seq=3 ttl=128 time=0.218 ms
--- 192.168.0.15 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.218/0.220/0.226/0.017 ms
# ping geoff
PING geoff.mshome.net (192.168.0.15) 56(84) bytes of data.
64 bytes from 192.168.0.15: icmp_seq=1 ttl=128 time=0.138 ms
64 bytes from 192.168.0.15: icmp_seq=2 ttl=128 time=0.219 ms
64 bytes from 192.168.0.15: icmp_seq=3 ttl=128 time=0.207 ms
--- geoff.mshome.net ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 10368ms
rtt min/avg/max/mdev = 0.138/0.188/0.219/0.035 ms
|
[notice the difference in total time between ping by ip and addr] |
|
| Back to top |
|
|
ckdake
l33t
Joined: 10 Apr 2003
Posts: 889
Location: Atlanta, GA
|
| Posted: Wed Feb 04, 2004 6:56 pm Post subject: |
|
|
That is really pretty weird.
pheelay, what is in your /etc/resolv.conf?
rev138, are you using djbdns?
mine is | Code: | #cat /etc/resolv.conf
nameserver 172.16.0.69 |
on all 4 linux machines on my network (I'm running bind as my local DNS server) and ping is super lightning fast:
| Code: | ckdake@zion ckdake $ ping -c 10 david.local
PING david.um (172.16.0.65) 56(84) bytes of data.
64 bytes from david.um (172.16.0.65): icmp_seq=1 ttl=64 time=0.257 ms
64 bytes from david.um (172.16.0.65): icmp_seq=2 ttl=64 time=0.228 ms
...
64 bytes from david.um (172.16.0.65): icmp_seq=10 ttl=64 time=0.235 ms
--- david.um ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 8998ms
rtt min/avg/max/mdev = 0.217/0.228/0.257/0.010 ms |
_________________
http://ckdake.com/ |
|
| Back to top |
|
|
rev138
l33t
Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA
|
| Posted: Wed Feb 04, 2004 7:10 pm Post subject: |
|
|
| I'm not running any kind of DNS on my local machine, it's from the Win2k server. |
|
| Back to top |
|
|
pheelay
Tux's lil' helper
Joined: 06 Nov 2002
Posts: 128
Location: Ireland
|
| Posted: Wed Feb 04, 2004 10:29 pm Post subject: |
|
|
On the server (running djbdns):
| Code: | # cat /etc/resolv.conf
nameserver 127.0.0.1
nameserver 192.168.0.1
nameserver isp.dns.addr.1
nameserver isp.dns.addr.2
search mshome.net |
On the client
| Code: | # cat /etc/resolv.conf
nameserver 192.168.0.1
nameserver isp.dns.addr.1
nameserver isp.dns.addr.2
search mshome.net |
I thought this might hve been a problem with may djbdns config but if rev138 has the same problem and doesn't run it.....
Also, my server/gateway is dialup  and so the isp's dns servers are not always available.
I've noticed that the time between ping replies is:
-> about 30 secs if modem is not connected.
-> about 5 secs if modem is connected.
There seems to be a packet going out (modem) and back on each ping. |
|
| Back to top |
|
|
atom
Tux's lil' helper
Joined: 25 Nov 2002
Posts: 122
Location: Columbus, Ohio, USA
|
| Posted: Sun May 09, 2004 6:09 pm Post subject: |
|
|
my network recently started doing this. i just made some major changes, but before it worked just fine. i use djbdns on an openbsd box. during the changes i upgraded from openbsd 3.4 to 3.5.
has anyone found a fix for this? |
|
| Back to top |
|
|
moby
n00b
Joined: 17 Dec 2002
Posts: 29
|
| Posted: Tue May 11, 2004 12:43 am Post subject: |
|
|
Just a guess. Is your DNS server serving up the reverse zones correctly? This will cause very very odd behavior. A lot of old applications rely on reverse lookup, and when it's not present, will work but work dog slow. See if you can do a reverse lookup.
-moby |
|
| Back to top |
|
|
atom
Tux's lil' helper
Joined: 25 Nov 2002
Posts: 122
Location: Columbus, Ohio, USA
|
| Posted: Tue May 11, 2004 1:16 am Post subject: |
|
|
| i discovered dnscache was being very slow on my dns server. so i turned it into a forwarding cache. this seems to have alleviated my problems on all but one of my machines. still curious why this one machine is having issues. maybe its time for a reboot |
|
| Back to top |
|
|
atom
Tux's lil' helper
Joined: 25 Nov 2002
Posts: 122
Location: Columbus, Ohio, USA
|
| Posted: Tue Jul 06, 2004 2:06 pm Post subject: |
|
|
| just as a follow up to this, i realized i had not set up reverse addresses in my tinydns configuration. the addition of this alleviated any problems i had. |
|
| Back to top |
|
|
|
Networking & Security
