DNS possible cause of slow response

My users are complaining of slow response accessing the Internet and accessing the application on the internal server. The slow response seems to happen in early afternoon. I am trying to narrow down the troubleshooting process. I am trying to eliminate the DNS as a possible cause of the poor performance. Is there any tool I can use to look at the latency for the name resolution for the internal DNS? Thanks
LVL 1
leblancAccountingAsked:
Who is Participating?
 
arnoldConnect With a Mentor Commented:
If you have your own DNS server, make sure if you use forwarders that those forwarders are still valid. Better still, note the forwarders, and remove them and see whether that changes the resolution part.

run nslookup -debug www.

depending on your connection, you might be able to monitor usage to see whether your WAN is saturated when this issue comes up.
0
 
leblancAccountingAuthor Commented:
What are forwarders?

"depending on your connection, you might be able to monitor usage" How do you monitor the usage of the DNS resolution? Thx
0
 
arnoldCommented:
check your internal name services to see whether it is configured to use external DNS servers to which oit will forward received requests.

You can use network monitor tool or wireshark on the dns server to see whether it is being inundated by requests and the source.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
giltjrConnect With a Mentor Commented:
forwarders are DNS servers that your DNS server is configured to forward requests to when your DNS server does not know the answer.

Your DNS server know the host names for all hosts within your domain, but it does not know ALL hosts in the Internet.  For example your DNS server does know the IP address for www.experts-exchange.com.  So when your computer asks your DNS server   to look up the address for www.experts-exchange.com, it needs to pass the request to another DNS servers.

Normally you would configure your DNS server to forward to DNS servers that your ISP provided you with.  Otherwise your DNS server would need to have what is called the root hints file.  This is a list of the root DNS servers on the Internet.
0
 
arnoldConnect With a Mentor Commented:
the bandwidth consumed by dns queries are insignificant these days to justify the use of forwarders as giltjr so kindly explained.
forwarded requests/responses might not be cached such that if your users accessing similar resources from similar sites, with forwarders they do not benefit from faster secondary responses which without forwarders will be returned from the local DNS cache.
It is possible that one of the ISPs DNS servers you have is being fixed, being hit with many other requests from other users, setups such as yours.

to get the list for hints on a linux/unix system

dig . a.root-servers.net NS > hints file

windows, as long as you do not setup the DNS as a root, it will/should have the root hints populated
matching nslookup -q=ns . a.root-servers.net
0
 
Michael RojekConnect With a Mentor Commented:
There's 11 IP tools, including a DNS auditor in the NetCrunch Tools freeware app to help you do some digging.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.