Grumpy4 Premium Member join:2001-07-28 NW CT |
2014-May-29 11:59 am
[DNS] DNS issues?

Even though I consistently get 30 Mbps down and 5 Mbps up speeds with my Comcast HSI, I often encounter very lengthy wait states when trying to navigate from one web page to another. After running Steve Gibson's DNS Bench, I got this message:

```
It appears that only one local (router gateway) DNS nameserver, with the IP address of [192.168.10.1], is currently providing all DNS name resolution services to this system. This configuration is not recommended because most consumer-grade routers provide inefficient and under-powered DNS resolution services.

Recommended Actions:
Unless you have some specific reason not to, you should give serious thought to disabling your router's provisioning of DNS services (which it is providing for all computers on your local network). After this is done, a fresh reboot of your computers will likely reveal the multiple DNS nameservers provided by your ISP. This is a superior configuration, without an under-powered router acting as a incompetent middleman and impeding all DNS access.
```

Any suggestions as to how to get this router » www.manualslib.com/manua ··· 3gr.html to comply with the above suggestions? Thanks
|
tshirt Premium Member join:2004-07-11 Snohomish, WA 1 edit
1 recommendation |
2014-May-29 12:19 pm
said by Grumpy4: with the IP address of [192.168.10.1],

Which is likely your router, or maybe the IP of the computer you used to test with, which may not have the horsepower to maintain a large DNS cache. On the router and each computer you want to set the DHCP to provide the DNS addresses automatically, OR to use 75.75.75.75 or 75.75.76.76 as the first 2 primary DNS providers. Those are the anycast addresses for Comcast's DNSSEC secure DNS servers and should be the first 2 it checks; you can have others listed which it will check in order if the first fails to reply (more than 3-4 is overkill).
» dns.comcast.net/index.php/help
|
|
to Grumpy4
I don't see any obvious way in that manual to allow DNS pass-thru, where DHCP just passes on the DNS entries it gets. As mentioned, you can try manually setting your computer to use the two listed IPs (75.75.75.75 and 75.75.76.76), which will override DHCP's settings, and then see if it makes any difference.
|
|
to Grumpy4
Try using public nameservers such as Google, or OpenDNS.
Google: 8.8.8.8 8.8.4.4
OpenDNS: 208.67.222.222 208.67.220.220
These are generally faster than Comcast because of their cache.
|
|
|
But, these can screw up CDN services. Also, most computers will cache entries for a while, so once it gets the IP, it will keep using it until told to expire it.
|
Grumpy4 Premium Member join:2001-07-28 NW CT |
to andyross
said by andyross: I don't see any obvious way in that manual to allow DNS pass-thru, where DHCP just passes on the DNS entries it gets.

That's what I'm seeing as well. I'm currently of a mind that the slowdowns are being caused by local Comcast issues; for now I'm back to quicker page loads. My thanks to all for the help.
|
mackey Premium Member join:2007-08-20 |
to andyross
said by andyross: But, these can screw up CDN services.

While possible it's not likely. Google has a bunch all over the place so you'll most likely get the same ones you'd get from the CC name servers. For me they're in the same city so I definitely won't see any difference.

/M
|
tshirt Premium Member join:2004-07-11 Snohomish, WA |
2014-Jun-7 8:49 pm
said by mackey: Google has a bunch all over the place so you'll most likely get the same ones you'd get from the CC name servers.

However under the current IPv6 config, ONLY Comcast (and those few they choose to share with) knows where you are, so standard CDN would be as lost as the Comcast branded/hosted Ookla speed test (which sees most people 5-10k miles from any test site, even when correctly identified via IPv4). Unless you allow persistent cookies or other locator beacons, the best choice is the DNSSEC servers. If properly set on the network DHCP controller (often a/the router) or on each computer, they are quite zippy and beat any secure, non-redirecting (and free) servers according to the GRC test for IPv4 (probably v6 too).
|
1 recommendation |
to mackey
said by mackey: said by andyross: But, these can screw up CDN services.
While possible it's not likely. Google has a bunch all over the place so you'll most likely get the same ones you'd get from the CC name servers. For me they're in the same city so I definitely won't see any difference.

It could still make a difference as services like Netflix make direct connections with ISPs. It's possible Google DNS or others could point at a generic CDN server, whereas Comcast DNS may point at a direct connection server.
|
Comcast secondary name servers are not necessarily the best in regards to distance; for example, in my area, the secondary name server is located in Texas. You're free to use whatever name servers you want.

```
 3  te-2-5-0-2-ar01.elmhurst.il.chicago.comcast.net (68.86.189.141)  16.164 ms  te-2-6-0-11-ar01.elmhurst.il.chicago.comcast.net (68.86.197.117)  15.144 ms
 4  he-2-4-0-0-cr01.chicago.il.ibone.comcast.net (68.86.91.37)  18.226 ms  18.258 ms
 5  pos-1-9-0-0-cr01.newyork.ny.ibone.comcast.net (68.86.86.41)  17.085 ms  18.057 ms
 6  * *
 7  et-9-3-0-0-ar01.bisbee.tx.houston.comcast.net (68.86.95.222)  56.561 ms  56.416 ms
 8  ae-1-0-ar01.bearcreek.tx.houston.comcast.net (68.85.245.153)  55.318 ms  68.85.245.158 (68.85.245.158)  56.524 ms
 9  ae-11-0-sur01.greenspoint.tx.houston.comcast.net (68.85.246.98)  51.154 ms  51.984 ms
10  te-9-1-ur01.greenspoint.tx.houston.comcast.net (68.85.244.150)  58.221 ms  te-9-1-ur02.greenspoint.tx.houston.comcast.net (68.85.245.58)  57.474 ms
11  te-8-2-ur01.greenspoint.tx.houston.comcast.net (68.85.248.25)  57.485 ms  57.507 ms
12  cdns02.comcast.net (75.75.76.76)  57.263 ms  57.119 ms
```

However OpenDNS has both of their nameservers in Chicago.

```
 7  vl-3612-ve-236.ebr2.Chicago2.Level3.net (4.69.158.238)  15.245 ms  vl-3610-ve-234.ebr2.Chicago2.Level3.net (4.69.158.230)  15.350 ms
 8  ae-204-3604.edge2.Chicago2.Level3.net (4.69.158.61)  19.748 ms  ae-102-3502.edge2.Chicago2.Level3.net (4.69.158.5)  15.250 ms
 9  OPEN-DNS-IN.edge2.Chicago2.Level3.net (4.30.175.70)  10.306 ms  10.427 ms
10  resolver1.opendns.com (208.67.222.222)  16.863 ms  15.646 ms
```

```
 7  vl-3612-ve-236.ebr2.Chicago2.Level3.net (4.69.158.238)  15.172 ms  vl-3611-ve-235.ebr2.Chicago2.Level3.net (4.69.158.234)  15.252 ms
 8  ae-204-3604.edge2.Chicago2.Level3.net (4.69.158.61)  15.322 ms  ae-103-3503.edge2.Chicago2.Level3.net (4.69.158.9)  15.252 ms
 9  OPEN-DNS-IN.edge2.Chicago2.Level3.net (4.30.175.70)  9.730 ms  10.174 ms
10  resolver2.opendns.com (208.67.220.220)  15.414 ms  16.339 ms
```
|
mackey Premium Member join:2007-08-20 |
to andyross
said by andyross: It could still make a difference as services like Netflix make direct connections with ISPs. It's possible Google DNS or others could point at a generic CDN server, whereas Comcast DNS may point at a direct connection server.

While possible it's not likely. Netflix is most likely simply advertising a route to their (local?) AS over the direct Comcast links.

/M
|
|
to nightwalker
said by nightwalker: Comcast secondary name servers are not necessarily the best in regards to distance; for example, in my area, the secondary name server is located in Texas. You're free to use whatever name servers you want.

DNS servers are normally a very tiny amount of the time spent accessing sites. Remember that computers, and I assume other devices, do cache DNS addresses locally for either a fixed time or possibly if the DNS return gives an expiration time. Unless you are constantly changing servers, DNS is probably not going to make much of a difference.
|
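Added example, not part of any post in this thread: a minimal DNS message parser showing where the "expiration time" (the record TTL) and the DNSSEC "authenticated data" (AD) flag sit in a resolver's reply. The response bytes, the name example.com and the address 192.0.2.10 are constructed sample data, not a capture from any resolver named above.

```python
import struct

def build_query(name, qid=0x1234):
    """Build an A-record query with RD and AD set.
    Setting AD in a query tells the resolver the client understands AD (RFC 6840)."""
    header = struct.pack("!HHHHHH", qid, 0x0120, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:  # two-byte pointer terminates the name
            return off + 2
        off += 1 + n

def parse_response(msg):
    """Extract rcode, the AD flag, and (address, ttl) for each A record."""
    qid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                      # skip the echoed question section
        off = skip_name(msg, off) + 4
    answers = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:        # A record: four address bytes
            answers.append((".".join(map(str, rdata)), ttl))
    return {"id": qid, "rcode": flags & 0xF,
            "ad": bool(flags & 0x0020),      # set only by a validating resolver
            "answers": answers}

# Constructed reply: QR|RD|RA|AD flags, one answer, TTL 300 s, TEST-NET address.
_q = build_query("example.com")
SAMPLE_RESPONSE = (_q[:2] + struct.pack("!HHHHH", 0x81A0, 1, 1, 0, 0) + _q[12:]
                   + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4)
                   + bytes([192, 0, 2, 10]))

if __name__ == "__main__":
    print(parse_response(SAMPLE_RESPONSE))
```

A stub cache may reuse the answer for up to the TTL it received, and an AD flag is only as trustworthy as the path between the client and the resolver that set it.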