DNS Processing Time faster with Public DNS Servers

Started by coffeecup25, Today at 02:57:50 PM

Today at 02:57:50 PM Last Edit: Today at 03:37:56 PM by coffeecup25
While researching a question about alternate Unbound DNS ports for Adguard Home in OPNsense, I discovered something odd about DNS response times.

Originally, except for the changed port to accommodate Adguard Home, Unbound was set up just about like it comes out of the initial install. I was using it in the most plain vanilla way. Maybe a couple of boxes are checked on the initial page because a tutorial for Adguard Home told me to.

For some reason, I toggled over to the Query Forwarding page and noticed the checkbox 'Use System Nameservers'. For fun I checked it and saw it referenced the public DNS Servers I had listed on the System Settings General page. (OPNsense won't update, for me, without at least one listed there.)

Because of the Unbound DNS Port tests I was doing, I had been clearing Adguard Home's queries count frequently.

Finally - My point.

Using Unbound, Adguard Home stated my Average Processing Time was in the 40ms range while the Average Upstream Response Time was in the 80ms range, but some ports raised it to the 100ms range (probably a one-off there concerning the 100ms).

Using Unbound with 'Use System Nameservers' checked (in other words, ignore Unbound and use Public DNS Servers), my Average Processing Time is in the 13ms range while the Average Upstream Response Time is 43ms. It's been in this configuration all night so there has been plenty of time for the numbers to reflect normal use.

Why are run of the mill public DNS servers much faster than Unbound? I can even see a 'snappiness' that wasn't there before when browsing the web.

(Regarding ports for Unbound, I decided to remain with 5353 because it was already there, it had been used for a year with no problems, and lots of tutorials also used 5353, which is where I got the idea to use it.)

Quote from: coffeecup25 on Today at 02:57:50 PM
Why are run of the mill public DNS servers much faster than Unbound?
Because you share their "Cache Pool" so to speak with a lot of other users and a lot of domains may already be cached :)

And this :
Quote from: coffeecup25 on Today at 02:57:50 PM
Using Unbound, Adguard Home stated my Average Processing Time was in the 40ms range while the Average Upstream Response Time was in the 80ms range, but some ports raised it to the 100ms range (probably a one-off there concerning the 100ms).
Could be a case of geographical location of the domain you are trying to access or some kind of congestion on their network.
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
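
The shared-cache effect described in the reply above can be reproduced with a small simulation (an added example, not part of the original thread). The Zipf popularity model, TTL, client counts and latency figures are all constructed assumptions, not measurements from the thread.

```python
import random
from itertools import accumulate


def hit_rate(clients, domains=5000, ticks=2000, ttl=300, seed=1):
    """Fraction of client 0's queries answered from cache when `clients`
    households share one resolver cache (1 = private local resolver).
    Every client sends one query per tick. All parameters are assumptions."""
    rng = random.Random(seed)
    # Zipf-like popularity: the k-th most popular name has weight 1/k.
    cum = list(accumulate(1.0 / k for k in range(1, domains + 1)))
    names = range(domains)
    expires = {}  # name -> tick at which the cached record expires
    hits = total = 0
    for tick in range(ticks):
        picks = rng.choices(names, cum_weights=cum, k=clients)
        for client, name in enumerate(picks):
            cached = expires.get(name, -1) > tick
            if not cached:
                # Cache miss: the resolver fetches and caches for `ttl` ticks.
                expires[name] = tick + ttl
            if client == 0:
                total += 1
                hits += cached
    return hits / total


def mean_latency_ms(rate, rtt_ms, recursion_ms=120.0):
    """Expected answer time: the round trip to the resolver, plus the cost of
    a full recursive lookup on every cache miss (constructed figures)."""
    return rtt_ms + (1.0 - rate) * recursion_ms


if __name__ == "__main__":
    private = hit_rate(clients=1)    # local resolver, one household
    shared = hit_rate(clients=200)   # public resolver, many households
    print(f"private cache hit rate: {private:.2f}, "
          f"mean {mean_latency_ms(private, rtt_ms=1):.0f} ms")
    print(f"shared cache hit rate:  {shared:.2f}, "
          f"mean {mean_latency_ms(shared, rtt_ms=15):.0f} ms")
```

Under these assumptions the shared cache answers far more of the household's queries without recursion, which outweighs the extra network hop to reach it.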

Quote from: nero355 on Today at 05:13:33 PM
Quote from: coffeecup25 on Today at 02:57:50 PM
Why are run of the mill public DNS servers much faster than Unbound?
Because you share their "Cache Pool" so to speak with a lot of other users and a lot of domains may already be cached :)

And this :
Quote from: coffeecup25 on Today at 02:57:50 PM
Using Unbound, Adguard Home stated my Average Processing Time was in the 40ms range while the Average Upstream Response Time was in the 80ms range, but some ports raised it to the 100ms range (probably a one-off there concerning the 100ms).
Could be a case of geographical location of the domain you are trying to access or some kind of congestion on their network.

You provided things to think about.

But I didn't even know what Unbound was several months ago. It was only a word some people used when talking about DNS. I was using it with pfSense without knowing it. Same with OPNsense when I changed over.

That being said, I got into a big argument with a regular here who insisted Unbound was the best alternative. Until yesterday, I believed that. Normal ordinary DNS is much faster.

Re your 'Geographical Domains' idea: Not possible. Adguard Home filters thousands of queries an hour when my streaming TV gets involved and I have several Roku Boxes in the house active at all times.

Re Cache pool: OK, faster is faster no matter the background conditions.

Quote from: coffeecup25 on Today at 05:29:49 PM
Re your 'Geographical Domains' idea: Not possible. Adguard Home filters thousands of queries an hour when my streaming TV gets involved and I have several Roku Boxes in the house active at all times.
What do you mean exactly ?!

When you run Unbound as the Forward DNS Server for AdGuard you can experience such geographical delays and that's why they are shown in your statistics.

I can see the same thing in my Pi-Hole Query Log because I use Unbound as Forward DNS Server in Recursive DNS Server Mode and Unbound in OPNsense has the same function by default as far as I know.

This is my configuration : https://docs.pi-hole.net/guides/dns/unbound/#what-does-this-guide-provide
You can read there how a Recursive DNS Server works ;)

Today at 06:11:42 PM #4 Last Edit: Today at 06:15:52 PM by coffeecup25
Quote from: nero355 on Today at 05:54:42 PM
Quote from: coffeecup25 on Today at 05:29:49 PM
Re your 'Geographical Domains' idea: Not possible. Adguard Home filters thousands of queries an hour when my streaming TV gets involved and I have several Roku Boxes in the house active at all times.
What do you mean exactly ?!

When you run Unbound as the Forward DNS Server for AdGuard you can experience such geographical delays and that's why they are shown in your statistics.

I can see the same thing in my Pi-Hole Query Log because I use Unbound as Forward DNS Server in Recursive DNS Server Mode and Unbound in OPNsense has the same function by default as far as I know.

This is my configuration : https://docs.pi-hole.net/guides/dns/unbound/#what-does-this-guide-provide
You can read there how a Recursive DNS Server works ;)

Whatever the reason, you keep agreeing with me and fighting with yourself.

Normal DNS is faster than Unbound. Quite the surprise. I changed over from Unbound yesterday.

And to be clear, I am using OPNsense System settings DNS. Not Adguard.

Quote from: coffeecup25 on Today at 06:11:42 PM
Whatever the reason, you keep agreeing with me and fighting with yourself.
Dude you are being weird... I am just trying to help you and explain a few things... No need to be like that...

Today at 07:55:25 PM #6 Last Edit: Today at 08:00:38 PM by coffeecup25
Quote from: nero355 on Today at 06:27:16 PM
Quote from: coffeecup25 on Today at 06:11:42 PM
Whatever the reason, you keep agreeing with me and fighting with yourself.
Dude you are being weird... I am just trying to help you and explain a few things... No need to be like that...

Nothing needed explaining. DNS is faster one way vs another. Adguard Home proves it objectively. I'm not trying to fix anything. Unbound delivered a surprising result.

If there is an Unbound setting that can speed everything up by a factor of 2 or more, that would be great to know. Then it would be competitive with ordinary outside DNS servers specified on the OPNsense systems page.