Slow DNS response times (Unbound DNS + Adguard Home) - how to fix?

[SilentNomad]

I am experiencing issues with slow DNS response times (Unbound DNS + Adguard Home).

1. I have Adguard Home running in a container in Proxmox on its own VLAN xx.
2. In Adguard Home, I have defined Upstream DNS servers to 192.168.1.1:5353, and I have also defined Private reverse DNS servers to 192.168.1.1:5353.
3. In OPNsense, I have changed the Unbound DNS port to 5353.
4. In Services: Unbound DNS: DNS over TLS, I have defined: 1.1.1.1, 1.1.1.3, 149.112.112.112, and 9.9.9.9.
5. In System: Settings: General, I have set the DNS Server to the IP address of my AdGuard Home container.
6. Similarly, I have set the IP address of my AdGuard Home container under each interface in Services: ISC DHCPv4.

In Unbound statistics, I get:
Recursion time (average): 0.081140

In Adguard Home, I get an Average processing time of 82 ms.



Running OPNsense 24.1.7-amd64
AdGuard Home Version: v0.107.49


Do you have any suggestions on what I can do to reduce the response time?

[SilentNomad]

Hello again,

I have observed that if I only have a few DNS servers defined in Unbound DNS: DNS over TLS, the response time is faster.
For example, when I have only defined 1.1.1.1 and 1.1.1.3, I get response times of around 50-60 ms.
Is it possible to have multiple DNS servers defined under Unbound DNS: DNS over TLS and still achieve fast response times?

[Legally a Shrimp]

Hello again,

I have observed that if I only have a few DNS servers defined in Unbound DNS: DNS over TLS, the response time is faster.
For example, when I have only defined 1.1.1.1 and 1.1.1.3, I get response times of around 50-60 ms.
Is it possible to have multiple DNS servers defined under Unbound DNS: DNS over TLS and still achieve fast response times?

This won't help you, probably, but I cannot reproduce this on my end using 24.1.7_4.

Does this behavior change if you explicitly set the outgoing network interface to just your WAN interface (in unbound's General options, advanced view)?

[janstadt]

Any updates on this? I just noticed that my unbound response times are like 156ms and i have this same setup. I honestly dont know if its an issue, but ive been experiencing odd results with my devices (typically wifi so i doubt its this) connecting to an AP and then no longer getting internet until i toggle wifi on/off/on. That seems more like AP issues than DNS but for every issue i've debugged, im always shocked at how many times it ends up being DNS.