lekto Apprentice
Joined: 20 Sep 2014 Posts: 207 Location: Ancient Rome
Posted: Tue Jul 09, 2024 3:33 pm Post subject: [SOLVED] Delay when pinging local domain. |
Hi, I'm working on a new firewall on OpenBSD. I've configured unbound and NSD as DNS. Pinging on the firewall works as it should, and so does pinging global domains on the Linux machine. But when I'm pinging a local machine on Linux, there is a delay after pressing enter:
Code:
lekto@nugget ~ $ ping -c 4 gentoo.org | ts -s
00:00:00 PING gentoo.org (151.101.1.91) 56(84) bytes of data.
00:00:00 64 bytes from 151.101.1.91: icmp_seq=1 ttl=52 time=14.5 ms
00:00:01 64 bytes from 151.101.1.91: icmp_seq=2 ttl=52 time=14.4 ms
00:00:02 64 bytes from 151.101.1.91: icmp_seq=3 ttl=52 time=13.9 ms
00:00:03 64 bytes from 151.101.1.91: icmp_seq=4 ttl=52 time=14.6 ms
00:00:03
00:00:03 --- gentoo.org ping statistics ---
00:00:03 4 packets transmitted, 4 received, 0% packet loss, time 3003ms
00:00:03 rtt min/avg/max/mdev = 13.949/14.360/14.593/0.246 ms
lekto@nugget ~ $ ping -c 4 firewall | ts -s
00:00:08 PING firewall.domi (192.168.0.1) 56(84) bytes of data.
00:00:08 64 bytes from _gateway (192.168.0.1): icmp_seq=1 ttl=255 time=0.121 ms
00:00:08 64 bytes from _gateway (192.168.0.1): icmp_seq=2 ttl=255 time=0.148 ms
00:00:09 64 bytes from _gateway (192.168.0.1): icmp_seq=3 ttl=255 time=0.182 ms
00:00:10 64 bytes from _gateway (192.168.0.1): icmp_seq=4 ttl=255 time=0.187 ms
00:00:10
00:00:10 --- firewall.domi ping statistics ---
00:00:10 4 packets transmitted, 4 received, 0% packet loss, time 9616ms
00:00:10 rtt min/avg/max/mdev = 0.121/0.159/0.187/0.026 ms

As you can see, there is an eight-second delay before the first message is printed when pinging the firewall.
When I run dig firewall on the Linux machine, I get an instant reply:
Code:
lekto@nugget ~ $ dig firewall.domi
; <<>> DiG 9.16.48 <<>> firewall.domi
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 535
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;firewall.domi. IN A
;; ANSWER SECTION:
firewall.domi. 1043 IN A 192.168.0.1
;; Query time: 0 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Tue Jul 09 17:30:54 CEST 2024
;; MSG SIZE rcvd: 58

Any ideas what is going on or how to debug it?
Last edited by lekto on Tue Jul 16, 2024 5:54 pm; edited 1 time in total |
pjp Administrator
Joined: 16 Apr 2002 Posts: 20485
Posted: Tue Jul 09, 2024 4:20 pm Post subject: Re: Delay when pinging local domain. |
lekto wrote: there is an eight-second delay before the first message is printed when pinging the firewall.
I'd first look at logs on the firewall to see if there is anything obvious. I've seen local DNS lookup issues cause "weird" behavior. Maybe try enabling options for verbose logging.
Next, I'd look at tcpdump and wireshark, capturing packets from both ends. That is from the client doing the ping and also from the firewall side.
There is somewhat of a balancing act on using those tools versus digging for verbose logging options. I don't look at packet logs often, so I have a re-learning curve whenever I do it.
EDIT: By the way, capturing packets to logs will consume a LOT of disk space, so be sure to stop logging on both ends after the 8 second delay is over. By that point you should have what you need. A lot happens in 8 seconds. _________________ Quis separabit? Quo animo? |
lekto Apprentice
Joined: 20 Sep 2014 Posts: 207 Location: Ancient Rome
Posted: Tue Jul 16, 2024 5:53 pm Post subject: |
I was missing a reverse DNS. It surprised me because I was focused on _gateway. I have a machine that is called gateway, but I didn't understand why it is here (it is on another network, where nugget was previously connected) and why it starts with an underscore. I didn't know that _gateway has a special meaning.
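
Added example, not part of the thread: a small Python check that times the forward (name to address) and reverse (address to name) lookups separately through the system resolver, which is the split that explains an instant dig answer alongside a slow ping when reverse DNS is missing. The function names, the `SLOW_SECONDS` threshold and the verdict strings are assumptions made for this illustration.

```python
import socket
import time

SLOW_SECONDS = 1.0  # assumed threshold for calling a lookup "slow"

def _timed(fn, *args):
    """Run fn(*args); return (result or None, error text or None, elapsed seconds)."""
    start = time.monotonic()
    try:
        result, error = fn(*args), None
    except OSError as exc:  # socket.gaierror and socket.herror are OSError subclasses
        result, error = None, str(exc)
    return result, error, time.monotonic() - start

def forward_lookup(name):
    """Name -> first IPv4 address, via the system resolver (getaddrinfo)."""
    infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_DGRAM)
    return infos[0][4][0]

def reverse_lookup(address):
    """Address -> name (PTR); a plain `dig name` query never exercises this step."""
    return socket.getnameinfo((address, 0), socket.NI_NAMEREQD)[0]

def diagnose(name, forward=forward_lookup, reverse=reverse_lookup, slow=SLOW_SECONDS):
    """Time both lookups and report which one, if any, accounts for the delay."""
    address, f_err, f_time = _timed(forward, name)
    report = {"name": name, "address": address, "forward_s": f_time,
              "forward_error": f_err, "ptr": None, "reverse_s": None,
              "reverse_error": None, "verdict": "forward lookup failed"}
    if address is None:
        return report
    ptr, r_err, r_time = _timed(reverse, address)
    report.update(ptr=ptr, reverse_s=r_time, reverse_error=r_err)
    if r_time >= slow:
        report["verdict"] = "reverse lookup slow"
    elif f_time >= slow:
        report["verdict"] = "forward lookup slow"
    elif r_err:
        report["verdict"] = "no PTR record, but answered quickly"
    else:
        report["verdict"] = "ok"
    return report

if __name__ == "__main__":
    import sys
    for host in sys.argv[1:] or ["localhost"]:
        print(diagnose(host))
```

Run it on the client with the hostname as argument; a "reverse lookup slow" verdict points at the PTR side of the resolver setup rather than at the A record.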