
Grumpy4
Premium Member
join:2001-07-28
NW CT

Grumpy4

Premium Member

[DNS] DNS issues?

Even though I consistently get 30 Mbps down and 5 Mbps up speeds with my Comcast HSI, I often encounter very lengthy wait states when trying to navigate from one web page to another. After running Steve Gibson's DNS Bench, I got this message:

`````
It appears that only one local (router gateway) DNS nameserver, with the IP address of [192.168.10.1], is currently providing all DNS name resolution services to this system. This configuration is not recommended because most consumer-grade routers provide inefficient and under-powered DNS resolution services.
Recommended Actions:

Unless you have some specific reason not to, you should give serious thought to disabling your router's provisioning of DNS services (which it is providing for all computers on your local network). After this is done, a fresh reboot of your computers will likely reveal the multiple DNS nameservers provided by your ISP. This is a superior configuration, without an under-powered router acting as a incompetent middleman and impeding all DNS access.
``````

Any suggestions as to how to get this router (»www.manualslib.com/manua ··· 3gr.html) to comply with the above suggestions?
Thanks

tshirt
Premium Member
join:2004-07-11
Snohomish, WA

1 edit

1 recommendation

tshirt

Premium Member

said by Grumpy4:

with the IP address of [192.168.10.1],

Which is likely your router, or maybe the IP of the computer you used to test with, which may not have the horsepower to maintain a large DNS cache.

On the router and each computer you want to set the DHCP to provide the DNS addresses automatically, OR to use 75.75.75.75 or 75.75.76.76 as the first 2 primary DNS providers. Those are the anycast addresses for Comcast's DNSSEC secure DNS servers and should be the first 2 it checks; you can have others listed which it will check in order if the first fails to reply. (More than 3-4 is overkill.)

»dns.comcast.net/index.php/help

andyross
MVM
join:2003-05-04
Aurora, IL

andyross to Grumpy4

MVM

to Grumpy4
I don't see any obvious way in that manual to allow DNS pass-thru, where DHCP just passes on the DNS entries it gets. As mentioned, you can try manually setting your computer to use the two listed IPs (75.75.75.75 and 75.75.76.76) which will override DHCP's settings, and then see if it makes any difference.

nightwalker
Nightwalker
join:1999-08-07
Chicago, IL

nightwalker to Grumpy4

Member

to Grumpy4
Try using public nameservers such as Google, or OpenDNS.

Google:
8.8.8.8
8.8.4.4

OpenDNS:
208.67.222.222
208.67.220.220

These are generally faster than Comcast because of their cache.

andyross
MVM
join:2003-05-04
Aurora, IL

andyross

MVM

But, these can screw up CDN services. Also, most computers will cache entries for a while, so once it gets the IP, it will keep using it until told to expire it.

Grumpy4
Premium Member
join:2001-07-28
NW CT

Grumpy4 to andyross

Premium Member

to andyross
said by andyross:

I don't see any obvious way in that manual to allow DNS pass-thru, where DHCP just passes on the DNS entries it gets.

That's what I'm seeing as well.

I'm currently of a mind that the slowdowns are being caused by local Comcast issues; for now I'm back to quicker page loads.

My thanks to all for the help.

mackey
Premium Member
join:2007-08-20

mackey to andyross

Premium Member

to andyross
said by andyross:

But, these can screw up CDN services.

While possible it's not likely. Google has a bunch all over the place so you'll most likely get the same ones you'd get from the CC name servers. For me they're in the same city so I definitely won't see any difference.

/M

tshirt
Premium Member
join:2004-07-11
Snohomish, WA

tshirt

Premium Member

said by mackey:

Google has a bunch all over the place so you'll most likely get the same ones you'd get from the CC name servers.

However, under the current IPv6 config, ONLY Comcast (and those few they choose to share with) knows where you are, so standard CDN would be as lost as the Comcast branded/hosted Ookla speed test (which sees most people 5-10k miles from any test site, even when correctly identified via IPv4).
Unless you allow persistent cookies or other locator beacons, the best choice is the DNSSEC servers.
If properly set on the network DHCP controller (often a/the router) or on each computer, they are quite zippy and beat any secure, non-redirecting (and free) servers according to the GRC test for IPv4 (probably v6 too).

andyross
MVM
join:2003-05-04
Aurora, IL

1 recommendation

andyross to mackey

MVM

to mackey
said by mackey:

said by andyross:

But, these can screw up CDN services.

While possible it's not likely. Google has a bunch all over the place so you'll most likely get the same ones you'd get from the CC name servers. For me they're in the same city so I definitely won't see any difference.

It could still make a difference as services like Netflix make direct connections with ISPs. It's possible Google DNS or others could point at a generic CDN server, whereas Comcast DNS may point at a direct connection server.

nightwalker
Nightwalker
join:1999-08-07
Chicago, IL
ARRIS SB6183
Ubiquiti EdgeRouter X
Cisco SPA112

1 edit

nightwalker

Member

Comcast secondary name servers are not necessarily the best in regards to distance; for example, in my area, the secondary name server is located in Texas. You're free to use whatever name servers you want.

```
3 te-2-5-0-2-ar01.elmhurst.il.chicago.comcast.net (68.86.189.141) 16.164 ms te-2-6-0-11-ar01.elmhurst.il.chicago.comcast.net (68.86.197.117) 15.144 ms
4 he-2-4-0-0-cr01.chicago.il.ibone.comcast.net (68.86.91.37) 18.226 ms 18.258 ms
5 pos-1-9-0-0-cr01.newyork.ny.ibone.comcast.net (68.86.86.41) 17.085 ms 18.057 ms
6 * *
7 et-9-3-0-0-ar01.bisbee.tx.houston.comcast.net (68.86.95.222) 56.561 ms 56.416 ms
8 ae-1-0-ar01.bearcreek.tx.houston.comcast.net (68.85.245.153) 55.318 ms 68.85.245.158 (68.85.245.158) 56.524 ms
9 ae-11-0-sur01.greenspoint.tx.houston.comcast.net (68.85.246.98) 51.154 ms 51.984 ms
10 te-9-1-ur01.greenspoint.tx.houston.comcast.net (68.85.244.150) 58.221 ms te-9-1-ur02.greenspoint.tx.houston.comcast.net (68.85.245.58) 57.474 ms
11 te-8-2-ur01.greenspoint.tx.houston.comcast.net (68.85.248.25) 57.485 ms 57.507 ms
12 cdns02.comcast.net (75.75.76.76) 57.263 ms 57.119 ms
```

However, OpenDNS has both of their nameservers in Chicago.
```
7 vl-3612-ve-236.ebr2.Chicago2.Level3.net (4.69.158.238) 15.245 ms vl-3610-ve-234.ebr2.Chicago2.Level3.net (4.69.158.230) 15.350 ms
8 ae-204-3604.edge2.Chicago2.Level3.net (4.69.158.61) 19.748 ms ae-102-3502.edge2.Chicago2.Level3.net (4.69.158.5) 15.250 ms
9 OPEN-DNS-IN.edge2.Chicago2.Level3.net (4.30.175.70) 10.306 ms 10.427 ms
10 resolver1.opendns.com (208.67.222.222) 16.863 ms 15.646 ms

7 vl-3612-ve-236.ebr2.Chicago2.Level3.net (4.69.158.238) 15.172 ms vl-3611-ve-235.ebr2.Chicago2.Level3.net (4.69.158.234) 15.252 ms
8 ae-204-3604.edge2.Chicago2.Level3.net (4.69.158.61) 15.322 ms ae-103-3503.edge2.Chicago2.Level3.net (4.69.158.9) 15.252 ms
9 OPEN-DNS-IN.edge2.Chicago2.Level3.net (4.30.175.70) 9.730 ms 10.174 ms
10 resolver2.opendns.com (208.67.220.220) 15.414 ms 16.339 ms
```

mackey
Premium Member
join:2007-08-20

mackey to andyross

Premium Member

to andyross
said by andyross:

It could still make a difference as services like Netflix make direct connections with ISPs. It's possible Google DNS or others could point at a generic CDN server, whereas Comcast DNS may point at a direct connection server.

While possible it's not likely. Netflix is most likely simply advertising a route to their (local?) AS over the direct Comcast links.

/M

andyross
MVM
join:2003-05-04
Aurora, IL

andyross to nightwalker

MVM

to nightwalker
said by nightwalker:

Comcast secondary name servers are not necessarily the best in regards to distance; for example, in my area, the secondary name server is located in Texas. You're free to use whatever name servers you want.

DNS servers are normally a very tiny amount of the time spent accessing sites. Remember that computers, and I assume other devices, do cache DNS addresses locally for either a fixed time or possibly if the DNS return gives an expiration time. Unless you are constantly changing servers, DNS is probably not going to make much of a difference.
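
Added example, not written by any poster in this thread: a small Python probe for the three things the thread argues about, namely per-resolver lookup latency, whether the resolver reports a DNSSEC-validated answer (the AD flag), and the TTL that governs how long the answer is cached locally. The function names are hypothetical and `SAMPLE` is a constructed reply, not captured traffic.

```python
import secrets
import socket
import struct
import time

def build_query(name, txid, qtype=1):
    """A-record query with RD and AD set; AD in a query asks the resolver to
    report whether it DNSSEC-validated the answer (RFC 6840)."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0120, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def _skip_name(data, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = data[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:                     # compression pointer is 2 bytes
            return off + 2
        off += 1 + n

def parse_response(data):
    """Extract rcode, the AD flag and the smallest answer TTL (cache lifetime)."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(data, off) + 4          # skip QTYPE + QCLASS
    ttls = []
    for _ in range(an):
        off = _skip_name(data, off)
        _rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        ttls.append(ttl)
        off += 10 + rdlen
    return {"txid": txid, "rcode": flags & 0xF, "ad": bool(flags & 0x20),
            "min_ttl": min(ttls) if ttls else None}

def time_lookup(server, name, timeout=2.0):
    """Send one UDP query to `server`; return (milliseconds, parsed reply)."""
    txid = secrets.randbelow(1 << 16)            # unpredictable transaction ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))                  # accept replies from this server only
        start = time.perf_counter()
        s.send(build_query(name, txid))
        raw = s.recv(4096)
        elapsed_ms = (time.perf_counter() - start) * 1000.0
    reply = parse_response(raw)
    if reply["txid"] != txid:
        raise ValueError("transaction ID mismatch")
    return elapsed_ms, reply

# Constructed sample reply: example.com A 192.0.2.1, TTL 300, AD flag set.
SAMPLE = (struct.pack("!HHHHHH", 0x1234, 0x81A0, 1, 1, 0, 0) + build_query("example.com", 0)[12:]
          + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1]))
```

Calling `time_lookup("75.75.75.75", "example.com")` twice in a row shows the cached-answer latency on the second call. The AD flag is only as trustworthy as the network path between the client and that resolver.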