Help with routing

Discussion in 'Noob Central' started by SuperGenii, Jan 27, 2016.

  1. SuperGenii

    SuperGenii www.DataMCP.com

    Joined:
    Apr 9, 2011
    Messages:
    136
    Likes Received:
    16
    Trophy Points:
    63
    Location:
    Southern California
    Perhaps one of you could help steer me in the right direction here.

    I have built my own Linux-based router, so I can route in IPs for server hosting (not mailing) to host my mailers, because my primary upstream provider is a rip-off in terms of leasing public IPs..

    I have my router's public IP on eth0 and my LAN on eth1.

    Long story short is everything works well except DNS fails intermittently when I have all engines queued, as if I hit a traffic bottleneck or limit.. Even when it's not mailing, pinging any domain takes too long IMO.

    Accessing IPs.. no problem.. But pinging domains out lags a good 5 or 10 seconds before the pings respond. Clearly a DNS routing issue.

    Note that I am routing thousands of IPv6 and IPv4 - pinging both domain types lags..

    Any tricks or sysctl / iptables settings to improve traffic through the router? Why is the ping lagging before the response and how do I lower this lag time? Any thoughts or suggestions would be appreciated.

    Thanks for your help
    SG
     
  2. docbrown

    docbrown Member

    Joined:
    Jan 4, 2013
    Messages:
    60
    Likes Received:
    14
    Trophy Points:
    8
    Need more DNS info. Where is your DNS server/recursor? On the router, local LAN, public? What kind of response times are you seeing when you use dig to query your DNS server?
     
  3. SuperGenii

    SuperGenii www.DataMCP.com

    Using Google's public DNS. My options are limited for IPv6..

    SG
     
  4. docbrown

    docbrown Member

    Willing to bet that is your issue right there. A local caching resolver would make your problems disappear. You could even just run an instance of it right on your Linux router.
     
  5. nickphx

    nickphx VIP

    Joined:
    Apr 2, 2011
    Messages:
    1,140
    Likes Received:
    363
    Trophy Points:
    83
    Gender:
    Male
    Location:
    guadalajara, chiuhuahua
  6. SuperGenii

    SuperGenii www.DataMCP.com

    Thank you both for your help. I didn't have a chance to play with it yesterday but I will try again today.

    I assume BIND will accomplish this for me? Unless you have another recommended option?

    SG
     
  7. docbrown

    docbrown Member

    Yes BIND would work.
    I've been using PowerDNS for years and it has been rock solid. You'd only need the pdns-recursor package as they package their Authoritative and recursor servers separately.
    https://doc.powerdns.com/md/recursor/
     
  8. nickphx

    nickphx VIP

    BIND is alright.. I guess it depends on the volume of DNS queries you need to perform.. I have a two-tier resolver setup. Each MTA VM has its own local resolver configured to rotate through 6 'upstream' resolvers that do the internet-bound queries. With this setup I can run ~100k qps without loss caused by resource contention.
     
  9. SuperGenii

    SuperGenii www.DataMCP.com

    Just for the record, and I don't think it matters, this is for IPv6.

    Since my router is already a DNS server running BIND, and I noticed it was not properly set to cache, I am just tweaking that and testing it now..

    Thanks again guys.. It's nice to know there are still people around here who know what they are talking about...

    SG
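
A caching-only BIND setup of the kind discussed in this thread, as an added example that is not from any poster here. The addresses are documentation placeholders standing in for the router's LAN side on eth1, and the directory path is an assumption that varies by distribution. Recursion and cache access are limited to loopback and the LAN so the router's public interface on eth0 does not answer as an open resolver.

```conf
// named.conf fragment (added example, not the poster's configuration)
// 192.0.2.0/24 and 2001:db8:1::/64 are placeholder LAN prefixes (assumption)
acl "trusted" {
    127.0.0.1;
    ::1;
    192.0.2.0/24;
    2001:db8:1::/64;
};

options {
    directory "/var/named";            // assumption: distro-dependent path

    // Bind only to loopback and the LAN address, never the public eth0 address
    listen-on    { 127.0.0.1; 192.0.2.1; };
    listen-on-v6 { ::1; 2001:db8:1::1; };

    // Act as a recursive, caching resolver for trusted clients only
    recursion yes;
    allow-query       { trusted; };
    allow-recursion   { trusted; };
    allow-query-cache { trusted; };

    // Cap cache memory so a burst of lookups cannot exhaust the router
    max-cache-size 256m;

    // Validate DNSSEC-signed answers using the built-in trust anchor
    dnssec-validation auto;
};
```

Check the file with `named-checkconf` before reloading, and point `/etc/resolv.conf` on the router at 127.0.0.1 so local lookups use the cache.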
     
  10. SuperGenii

    SuperGenii www.DataMCP.com

    Damn fellas.. Night and day performance difference..

    Muchos Thankos..

    SG
     
  11. docbrown

    docbrown Member

    Nice! Glad you got it working
     
  12. SuperGenii

    SuperGenii www.DataMCP.com

    # dig ipv6.google.com
    ;; Query time: 180 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)


    immediately followed again by:

    # dig ipv6.google.com
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)

    :D

    cache = cash...

    SG
     
  13. DAgent

    DAgent Moderator

    Joined:
    Mar 14, 2011
    Messages:
    452
    Likes Received:
    115
    Trophy Points:
    43
    Ok glad cache worked for you.

    I was going to suggest using IPv4 for AAAA DNS queries, since they work just as well. Make sure you have at least one IPv4 assigned to use as a DNS client and it should do it!

    Thanks
     
