On Fri, 23 Sep 2011 20:49:59 +0000 (UTC), U vigilance
<eternalvigilance@yahoo.com> wrote:
>I am trying to figure out why my Santa Cruz mountains Surfnet WISP setup
>takes so long to load a web page (even Google's bare bones home page
>takes, sometimes far too long) so I'm trying to better understand how DNS
>servers work.
Greetings from Ben Lomond.
>What I have in my wrt54g home router is a set of three supposedly fast DNS
>servers from this DNS server list:
> http://theos.in/windows-xp/free-fast...ns-server-list
Pick your server using Google Namebench or Gibson's DNSbench.
<http://www.grc.com/dns/benchmark.htm>
<http://code.google.com/p/namebench/>
The Google version is more thorough.
>But, even so, on multiple computers in the home, Linux & Windoze, it
>takes far too long to 'get' the web pages, even though speedtest.net
>shows 18ms ping latency, 1Mbps upload, & 1.2 Mbps download.
Are you caching DNS lookups in your router? If so, that may be the
problem. Some routers are just plain buggy. Unfortunately, the
WRT54G is one of those. If v4 and below, you're probably ok. If v5
or v6, they're garbage. I forgot what v7 and v8 are like.
>I keep getting intermittent "Mikrotik hotspot errors" from Surfnet ...
>and their (rather grouchy) technical support blamed my DNS servers setup.
I see you've talked to Brett. Say hello for me. He's really a good
guy, but thoroughly overloaded and minimally supported.
You should NOT be seeing Mikrotik hotspot error messages unless
SurfnetC is running their mesh as a hot spot or that you're connecting
via wireless to their Mikrotik mesh router. My guess is the latter
and that you're having connection issues between your wireless
laptop/desktop and the Mikrotik wireless router on your roof? Since
they are both operating on the same RF channel, you're going to get
interference from other users and other mesh routers connecting to it.
>I can't prove or disprove that until/unless I better understand DNS
>servers, overall, and how they impact speed of loading (or not loading)
>web pages.
Plenty of ways to screw up DNS lookups.
>Is 'this' what happens?
>1. I type www.google.com in my laptop browser on PC 10.20.30.1
>2. That "www.google.com" request goes wirelessly to my office wrt54g
>router which is 10.20.30.40
So far, so good. Have you tried taking the office wireless link out
of the picture and connecting to the WRT54G with a CAT5 cable? You
should.
>THIS IS THE PART THAT I 'THINK' I UNDERSTAND ...
>
>3. The office wrt54g router sends that "www.google.com" request to the
>rooftop Ubiquiti radio which is 192.168.10.20 but the office wrt54g
>router must also be sending its DNS server list to the bridge (right?)
>a) wrt54g DNS1 = 8.8.8.8
>b) wrt54g DNS2 = 8.8.4.4
>c) wrt54g DNS3 = 4.2.2.1
>d) wrt54g WINS = blank
Close. The WRT54G router has a DNS cache inside. It will first look
in the unspecified operating system's DNS cache on the laptop for the
IP address. If Windoze XP, you can get this list with:
ipconfig /displaydns
You can also clear it with:
ipconfig /flushdns
If there's nothing for google on the laptop, it goes to whatever is
the default gateway. If your unspecified operating system on your
laptop has 10.20.30.40 as the default gateway, it will query
10.20.30.40 for the IP address. The WRT54G router also has a DNS
cache, where it looks for a match for google.com. If found, it
returns whatever is stored. There's no way to get to the DNS lookup
table with the stock firmware.
If nothing is found in the router, it goes to the first DNS server and
queries for www.google.com. (I do NOT want to dive into details on
how it parses the FQDN, TLD servers, or recursive lookups). If the
first DNS server is down or times out, it goes to the 2nd DNS server.
This usually takes about 30-45 seconds. If both the first and 2nd are
down, it goes to the third. It tries 3-4 times each and then gives up
with an error message, which could easily take over a minute.
>What command can I use to 'see' that DNS transaction?
What operating system are you using on your laptop?
It can't be done with the stock Linksys firmware.
>4. My rooftop ubiquiti radio sends the "www.google.com" request & DNS
>list to my rooftop antenna which sends it through the air to the Surfnet
>line-of-sight antenna on 192.168.4.1
I didn't know the SurfnetC is now using Ubiquiti. Are you sure?
>THIS IS THE PART I REALLY DON'T UNDERSTAND.
>
>5. Surfnet sees that request for "www.google.com" and the list of three
>DNS servers (I guess), and it forwards that "www.google.com" request to
>the first of those DNS servers (I guess) which is 8.8.8.8.
>
>6. The DNS server at 8.8.8.8 presumably forwards back the IP address of
>"www.google.com" (e.g., 74.125.224.112) (but a "traceroute www.google.com"
>on Ubuntu doesn't seem to show any of that).
Ok, you're using Ubuntu. Good to know. Thanks.
For Ubuntu, you may or may not have the DNS cache (nscd) enabled:
<http://www.ubuntugeek.com/local-dns-cache-for-faster-browsing-on-ubuntu-machine.html>
<http://www.ubuntugeek.com/howto-clearflush-dns-cache-in-ubuntu.html>
If nscd is not installed, don't worry about the local cache. However,
if installed, look for corruption and garbage.
>HOW DO I CHECK HOW LONG THE DNS SERVER IS TAKING TO RESPOND?
Namebench or DNSbench. Namebench should run on Linux.
>Obviously I'm confused but I'm trying to debug why web pages,
>intermittently, take far too long to load (and one out of fifty fail
>outright, giving a Mikrotik hotspot error, 192.168.4.1).
Hint: Take as much of the intermediate hardware at your house out of
the picture. That means plug your PC directly into the
Mikrotik/Ubiquiti/whatever router. Test again.
>Is there a command that shows what is happening at the DNS server level?
Not that I know of.
--
Jeff Liebermann
jeffl@cruzio.com
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
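
One way to time each of the three DNS servers listed in the post directly from the laptop, bypassing the router's forwarder. This is an added example, not part of the original message. It walks the servers in order, as the reply describes a resolver falling through to the next one; the 2-second timeout and 2 tries per server are assumptions chosen for quick testing, not the WRT54G's real values.

```python
import os
import socket
import struct
import time

def build_query(name, txid):
    """Encode a minimal DNS A-record query (RFC 1035) with recursion desired."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(reply, txid):
    """Return (rcode, answer_count); raise ValueError on a short or mismatched reply."""
    if len(reply) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:  # wrong transaction id or QR bit not set
        raise ValueError("not a response to our query")
    return flags & 0x000F, ancount

def udp_exchange(server, payload, timeout):
    """Send one UDP datagram to server:53 and wait for a single reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(payload, (server, 53))
        return s.recvfrom(512)[0]

def time_servers(name, servers, timeout=2.0, tries=2, exchange=udp_exchange):
    """Query servers in order; return (server, attempt, status, ms) per attempt."""
    results = []
    for server in servers:
        for attempt in range(1, tries + 1):
            txid = int.from_bytes(os.urandom(2), "big")
            query = build_query(name, txid)
            start = time.monotonic()
            try:
                reply = exchange(server, query, timeout)
                rcode, answers = parse_header(reply, txid)
                status = "ok" if rcode == 0 and answers else f"rcode={rcode}, answers={answers}"
            except (OSError, ValueError) as exc:  # socket.timeout is an OSError
                status = f"failed: {exc.__class__.__name__}"
            results.append((server, attempt, status, round((time.monotonic() - start) * 1000, 1)))
            if status == "ok":
                return results  # stop at the first server that answers
    return results

if __name__ == "__main__":
    for row in time_servers("www.google.com", ["8.8.8.8", "8.8.4.4", "4.2.2.1"]):
        print("%-10s try %d  %-24s %8.1f ms" % row)
```

Run it over the wireless link and again over a CAT5 cable; if the timings are fine on the cable but erratic over wireless, the delay is in the link rather than in the DNS servers.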