• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 131
  • Last Modified:

DNS possible cause of slow response

My users are complaining of slow response accessing the Internet and accessing the application on the internal server. The slow response seems to happen in early afternoon. I am trying to narrow down the troubleshooting process. I am trying to eliminate the DNS as a possible cause of the poor performance. Is there any tool I can use to look at the latency for the name resolution for the internal DNS? Thanks
4 Solutions
If you have your own DNS server, make sure if you use forwarders that those forwarders are still valid. Better still, note the forwarders, and remove them and see whether that changes the resolution part.

run nslookup -debug www.

depending on your connection, you might be able to monitor usage to see whether your WAN is saturated when this issue comes up.
leblancAccountingAuthor Commented:
What are forwarders?

"depending on your connection, you might be able to monitor usage" How do you monitor the usage of the DNS resolution? Thx
check your internal name services to see whether it is configured to use external DNS servers to which oit will forward received requests.

You can use network monitor tool or wireshark on the dns server to see whether it is being inundated by requests and the source.
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

forwarders are DNS servers that your DNS server is configured to forward requests to when your DNS server does not know the answer.

Your DNS server know the host names for all hosts within your domain, but it does not know ALL hosts in the Internet.  For example your DNS server does know the IP address for www.experts-exchange.com.  So when your computer asks your DNS server   to look up the address for www.experts-exchange.com, it needs to pass the request to another DNS servers.

Normally you would configure your DNS server to forward to DNS servers that your ISP provided you with.  Otherwise your DNS server would need to have what is called the root hints file.  This is a list of the root DNS servers on the Internet.
the bandwidth consumed by dns queries are insignificant these days to justify the use of forwarders as giltjr so kindly explained.
forwarded requests/responses might not be cached such that if your users accessing similar resources from similar sites, with forwarders they do not benefit from faster secondary responses which without forwarders will be returned from the local DNS cache.
It is possible that one of the ISPs DNS servers you have is being fixed, being hit with many other requests from other users, setups such as yours.

to get the list for hints on a linux/unix system

dig . a.root-servers.net NS > hints file

windows, as long as you do not setup the DNS as a root, it will/should have the root hints populated
matching nslookup -q=ns . a.root-servers.net
Michael RojekCommented:
There's 11 IP tools, including a DNS auditor in the NetCrunch Tools freeware app to help you do some digging.

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now