Pol, You can "audit" your traffic by getting a pcap via tcpdump and then analyzing it in wireshark. Packets don't lie.
John Sent from Nine<http://www.9folders.com/> From: Pol Hallen <bin...@fuckaround.org> Sent: Sep 21, 2016 2:35 PM To: bind-users@lists.isc.org Subject: Re: forwarder (YES/NO) hello again! > try running dig +trace <host> and see how fast it runs. It should return > in about same time as BIND does (when it doesn't have anything in cache). ; <<>> DiG 9.10.3-P4-Debian <<>> +trace @192.168.1.212 yahoo.it ; (1 server found) ;; global options: +cmd . 518367 IN NS d.root-servers.net. . 518367 IN NS g.root-servers.net. . 518367 IN NS e.root-servers.net. . 518367 IN NS h.root-servers.net. . 518367 IN NS b.root-servers.net. . 518367 IN NS c.root-servers.net. . 518367 IN NS a.root-servers.net. . 518367 IN NS l.root-servers.net. . 518367 IN NS i.root-servers.net. . 518367 IN NS m.root-servers.net. . 518367 IN NS k.root-servers.net. . 518367 IN NS j.root-servers.net. . 518367 IN NS f.root-servers.net. . 518396 IN RRSIG NS 8 0 518400 20161004170000 20160921160000 46551 . tZptpyBClVtkAbyo4NOR2MgHDoq67TlImcBVzZORhn7C2c557prmG42J sSPD8aZmisk3bbUJbmqFVFB/M2y/O4zjw3jBf42ujHce99VD3xCeJuk7 boGW356J6c7JaApB02GRf3SGQIv7x6MVyBmGeKxAosEePlbfjg/8NPEY +y0= ;; Received 397 bytes from 192.168.1.212#53(192.168.1.212) in 2 ms it. 172800 IN NS a.dns.it. it. 172800 IN NS m.dns.it. it. 172800 IN NS r.dns.it. it. 172800 IN NS dns.nic.it. it. 172800 IN NS nameserver.cnr.it. it. 86400 IN NSEC itau. NS RRSIG NSEC it. 86400 IN RRSIG NSEC 8 1 86400 20161004170000 20160921160000 46551 . LL0eXWf22Lhhi5C0P+PX446JQH+GwCFhxU7tkUUF9wyG+pQ0eDCnpTu0 vm0ww/3YycmNJwlF3IHJmLIh2l7htSW6G/o2/ozNbZU6RF9pMhKxQNrJ aE6hf4L+Ka1N5uNstgJzrE6pV9ouXOJmL0Epoa3gUnbSZcFHH5QrKbu6 AfQ= ;; Received 545 bytes from 192.58.128.30#53(j.root-servers.net) in 577 ms yahoo.it. 10800 IN NS ns2.yahoo.com. yahoo.it. 10800 IN NS ns1.yahoo.com. yahoo.it. 10800 IN NS ns5.yahoo.com. yahoo.it. 10800 IN NS ns7.yahoo.com. yahoo.it. 10800 IN NS ns3.yahoo.com. ;; Received 136 bytes from 194.0.16.215#53(a.dns.it) in 136 ms yahoo.it. 300 IN A 106.10.212.24 yahoo.it. 300 IN A 98.137.236.24 yahoo.it. 300 IN A 77.238.184.24 yahoo.it. 300 IN A 212.82.102.24 yahoo.it. 300 IN A 74.6.50.24 yahoo.it. 86400 IN NS ns3.yahoo.com. yahoo.it. 86400 IN NS ns2.yahoo.com. yahoo.it. 86400 IN NS ns1.yahoo.com. yahoo.it. 86400 IN NS ns4.yahoo.com. yahoo.it. 86400 IN NS ns5.yahoo.com. ;; Received 380 bytes from 68.180.131.16#53(ns1.yahoo.com) in 173 ms same problem... bind is too slow... the situation change (very fast) if I use bind like resolver forwarders { 8.8.8.8; } I don't understand why without resolver my bind is so slow... how I can audit the problem? thanks! :-) >> but testing 127.0.0.1, bind keep also 4000/5000ms to resolve a query > > >> forwarders { >> 127.0.0.1; >> } > > do you forward to yourself??? unfortunately looking for bind on internet there're many wrong howto :-/ Pol _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
