Solved

Speed up DNS resolution

Posted on 2016-08-09
Last Modified: 2016-08-18
On one of our domains, our customer's website loads very slowly the first time. After that, it loads at a normal speed for the remainder of the time the user is logged in. All other users also have slow loads the first time, and when they log out and back in, slow loads the first time.

It looks like an issue with DNS resolution on the first load, and in all the other domains it works just fine.  Is there a good way I can speed up this resolution without manually setting the DNS<>IP in the event the site changes location?
0
Question by:Dustin Saunders
19 Comments
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41748943
Another possibility is that the pictures on that domain are not optimized, and the first load, until they are cached, is slower. Is it possible to know what the website is?
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41748970
It's highly improbable that it's a DNS issue (since a computer only needs to query the DNS server once, meaning logging in and out shouldn't have been slow, since it already knows the IP address). Not only that, with a slow DNS resolution, the site would still be responding well after the initial pause. It shouldn't be slow throughout the whole first login procedure.
 Better look at other options (as described above). Could be bandwidth of the server, caching, session settings.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41748991
OK. You could add a local entry to the hosts file on a given PC to test. So no external DNS resolution is needed. This is just to test.

IP       host
x.x.x.x  web.site.com

The hosts file is in Windows/system32/drive folder. Open it with administrator access.

If it is still slow, I think it is another issue. If it works fine, you could try changing to other DNS servers... just to test.

..MFlores..
0
 
LVL 12

Author Comment

by:Dustin Saunders
ID: 41749137
I tried adding a host file entry, but it's still slow. So it's likely not a DNS issue. But the page (https://docs.su-inc.com/training/HelpFile/sql/Tutorials.htm) is literally just a few lines of text. It's ONLY slow on one domain, and on every computer on that domain. Any computer on any other domain, no issue. Disjoin a computer from one domain, move to the other, no issue.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749290
Maybe a connection problem... any bad performance proxy or web cache?... the router itself?
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749294
What is "very slow"?
0
 
LVL 12

Author Comment

by:Dustin Saunders
ID: 41749298
"very slow" = ~15-20 seconds.  Subsequent loads are instantaneous.

All computers and domains are behind the same firewall, no web proxies.
0
 
LVL 5

Accepted Solution

by:
Manuel Flores earned 500 total points
ID: 41749301
Does this test make sense to you?

There is a 10x difference between the first and second accesses.

Test
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749307
15-20... too much...
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749313
Any domain policy?... a traffic shaping rule in the firewall for that network?... very strange indeed. If done properly, the hosts config would be enough to discard the DNS problem; however, you could change to another DNS server to test.
0
 
LVL 12

Author Comment

by:Dustin Saunders
ID: 41749329
No traffic shaping on the firewall, testing on another DNS server same results.  I'm not sure what else it could be?  All other websites seem to behave normally.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749338
Different internet explorers... mozilla, chrome, etc. ?
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749347
If you have a secondary simple router/ADSL, I would try to connect it as a second gateway and use it to compare. Or better, disconnect the firewall and use the second router instead... same internal IP.

I would suspect the firewall... some rule with content filter enabled for that domain, or similar...
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41750468
Hi. Did you test anything more?

1. I was wondering whether the domain forces the user profile cache or roaming cache to some network share. I suppose the Internet Explorer cache is emptied on each logoff, so on every logon the cache must be hit and filled. Maybe a network timeout at this point is the cause.

2. Also, a group policy restriction on your local domain for websites or internet clients which prevents the website from loading until something times out.

3. You can get some clues from the firewall log, filtering on when the DNS request is done, when the HTTP connects, and maybe other hidden activity that may throw some light.

Anyway, to diagnose such a weird issue it is necessary to try changing something until the issue is gone so we can focus on that element: try another ISP if you can, another router, a different firewall, or a new clean rule specific to this case.

..MFlores..
0
 
LVL 12

Author Comment

by:Dustin Saunders
ID: 41750939
1. Doesn't seem to be the issue.
2. I tried a user excluded from all GPO, but first launch is still slow.
3. Nothing unique in the firewall that indicates an issue to those computers.  (All computers in all other domains behind the same firewall).

I can't change the firewall/switches as this is a production RDP server-- but it's a virtual server on a physical host that has VMs on the other domains too.  Since only one domain has the issue it doesn't seem to be a global hardware/firewall rule.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41751118
Related issue. I know... very far, but related to terminal server environments and certificates. Your site uses HTTPS access... maybe something related to certificates and root CA validation.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/b8e58d83-3178-4490-b4f4-1c6e5542c39a/rdp-slow-initial-connection?forum=winserverTS

Basically;

THE FIX:

The fix is simple, make the following changes in your group policy:

Computer Configuration --- Policies --- Administrative Templates --- System --- Internet Communication Settings

Configure the setting for "Turn off Automatic Root Certificates Update" set it to ENABLED
0
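
The thread eliminates causes one at a time: a hosts entry to rule out DNS, then certificate validation on the HTTPS site. As an added example (not part of any post in this thread), this PowerShell function times name resolution, TCP connect and the TLS handshake separately, so the slow phase can be read off directly. The function name `Measure-HttpsPhases` is hypothetical, `web.site.com` is the placeholder host from the hosts-file comment, and PowerShell 5 or later is assumed.

```powershell
# Added diagnostic example, not from the thread. Requires PowerShell 5 or later.
# Measure-HttpsPhases is a hypothetical helper name; replace the placeholder host.
function Measure-HttpsPhases {
    param([string]$TargetHost, [int]$Port = 443)

    $sw  = [System.Diagnostics.Stopwatch]::new()
    $ssl = $null

    # Phase 1: name resolution (a hosts-file entry or cached answer makes this near zero)
    $sw.Restart()
    $address = [System.Net.Dns]::GetHostAddresses($TargetHost)[0]
    $dnsMs = $sw.ElapsedMilliseconds

    $client = [System.Net.Sockets.TcpClient]::new($address.AddressFamily)
    try {
        # Phase 2: TCP connect to the resolved address, so no second lookup happens
        $sw.Restart()
        $client.Connect($address, $Port)
        $tcpMs = $sw.ElapsedMilliseconds

        # Phase 3: TLS handshake; Windows validates the certificate chain during this call
        $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false)
        $sw.Restart()
        $ssl.AuthenticateAsClient($TargetHost)
        $tlsMs = $sw.ElapsedMilliseconds

        # Rebuild the chain to report which root the server certificate chains to
        $cert  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
        [void]$chain.Build($cert)
        $root = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate.Subject

        [pscustomobject]@{
            DnsMs = $dnsMs; TcpMs = $tcpMs; TlsMs = $tlsMs; ChainRoot = $root
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Close()
    }
}

# Run twice in a fresh logon session: the thread reports a slow first access only
1..2 | ForEach-Object { Measure-HttpsPhases -TargetHost 'web.site.com' } |
    Format-Table -AutoSize
```

A first run with small `DnsMs` and `TcpMs` but a `TlsMs` of several seconds points at certificate chain validation rather than DNS; comparing the output from a machine on the affected domain with one from another domain shows whether the difference is domain-specific.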
 
LVL 12

Author Comment

by:Dustin Saunders
ID: 41751126
Hmm.. well, it doesn't hurt to test so I'll try this during the maintenance window tonight.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41751130
Or even, maybe, publish that website over HTTP instead of HTTPS. Just to test. Is it accessible without SSL?
0
 
LVL 12

Author Closing Comment

by:Dustin Saunders
ID: 41761559
Not sure what the problem was but it seems to have resolved itself after a couple of days.  Thanks for looking at this.
0
