[IA] Clinton, IA area non-Mediacom DNS
The past few weeks, I have had to adjust DNS servers on business customers to a higher timeout. The servers are configured to use Root Hints for resolution as historically Mediacom's DNS servers provide a spam page instead of simply returning a lookup failure. The latency seems to be a problem when configuring the servers to use any other third-party DNS as well. Ping times to any server involved are just fine (25-40 ms on average).
Is Mediacom making another bold step into the world of penny scraping by traffic shaping DNS traffic that goes outside of their realm in hopes that users will say to hell with it and use their ad and spam (and sometimes virus-malware) laced DNS server? Lookups are frequently timing out at 3 seconds now when for years that time-out factor has worked out fine. What has changed? Why has it changed?
As I said, ping times to these servers are good. Lookup times are 2 to 5 seconds on average, and even the worst DSL competitor in town is seeing responses to the SAME SERVERS in under 1 second. This is not a client issue unless there are 50 or so servers with the same problem. It's not a router issue, as none of the ones impacted have this same issue when connected via DSL, nor are any of these routers the junk Netgear/Linksys/D-Link/Belkin garbage they sell at Office Max. There is no excuse for this to be a problem, and if it IS traffic shaping that is causing the problem then WE have a problem.
Every couple weeks for the last six months SOMETHING with Mediacom is causing problems, and it's getting old. CenturyLink is starting to look like a possible alternative more each day.
said by netman61270 :
"The servers are configured to use Root Hints for resolution"
I assume by this you're saying that you (or someone else) has set up recursive resolvers on site for these businesses, and that those resolvers are having problems getting answers in a timely manner.
What software are you talking about here? BIND? unbound? Microsoft DNS? Also, what servers, exactly, are you seeing issues with? The root servers? The a-m.gtld-servers.net servers? Some other authoritative servers? Have you tried a dig +trace from the resolver to see where exactly the slowdown is occurring? What log messages (if any) have you seen regarding timeouts in resolution?
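The reply above suggests a `dig +trace` to find where the slowdown occurs. As an added example (not part of the original thread), this script parses `dig +trace` output and reports which delegation step was slow. The sample output, its `.example` server names and documentation-range IPs are constructed, and the 1000 ms threshold is an assumption taken from the "under 1 second" figure in the first post.

```python
import re

# Constructed `dig +trace` output for illustration; not captured from a real network.
SAMPLE = """\
; <<>> DiG <<>> +trace www.example.com
;; global options: +cmd
.                   518400 IN NS ns1.root.example.
;; Received 239 bytes from 192.0.2.53#53(192.0.2.53) in 12 ms

com.                172800 IN NS ns1.tld.example.
;; Received 1170 bytes from 198.51.100.4#53(ns1.root.example) in 31 ms

example.com.        172800 IN NS ns1.example.com.
;; Received 300 bytes from 198.51.100.30#53(ns1.tld.example) in 2310 ms

www.example.com.    86400  IN A  203.0.113.10
;; Received 60 bytes from 203.0.113.53#53(ns1.example.com) in 38 ms
"""

# dig ends each step with: ";; Received N bytes from IP#PORT(NAME) in T ms"
RECEIVED = re.compile(r"^;; Received \d+ bytes from (\S+?)#\d+\((\S+?)\) in (\d+) ms")


def trace_steps(text):
    """Return one (owner_name, server_ip, server_name, ms) tuple per step."""
    steps, owner = [], None
    for line in text.splitlines():
        m = RECEIVED.match(line)
        if m:
            steps.append((owner, m.group(1), m.group(2), int(m.group(3))))
            owner = None  # the next record line starts a new step
        elif line and not line.startswith(";") and owner is None:
            owner = line.split()[0]  # owner name of the first record in this step
    return steps


def slow_steps(steps, threshold_ms=1000):
    """Steps whose answering server took at least threshold_ms to reply."""
    return [s for s in steps if s[3] >= threshold_ms]


if __name__ == "__main__":
    for owner, ip, name, ms in trace_steps(SAMPLE):
        flag = "SLOW" if ms >= 1000 else "ok"
        print(f"{ms:>6} ms  {flag:<4}  {owner:<18} answered by {name} ({ip})")
```

To use it on a real trace, save the output of `dig +trace <name>` on the resolver to a file and pass the file's contents to `trace_steps`.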
said by netman61270 :
"their ad and spam (and sometimes virus-malware) laced DNS server"
Try traceroutes to the following IPs, and use a couple that are closest to you, hop-wise, and one other that's on a different subnet, if you want. If the issue you're seeing is network latency, I don't know that it will help, but try some lookups and see if they are faster than doing your own recursion. Or you could configure them as forwarders.
126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124
Servers at those IPs are just running BIND, nothing else.