Re: [Dnsmasq-discuss] Logging milliseconds//Addendum
Hi ! Many thanks for your investigation !!! I'll not bother you or anyone in any way, but we may just have different perspectives to see the problem. I just tell my opinion about the log - noone should start to patch something. I am also the type, which waits for distro updates ... to shy to install from source. My log-example was mainly to show, that DNSMasq COULD give a better help through it logs - it was not thought to explain the problem. That, what you asked to me, exactly that - so I think - should answer the log ... pobably, one day. I think, I have good control over my environment and I ensure, if I make tests like my DNS tests, that the line is not loaded ! The log-example stems just from real-live, were countless apps are running and different computer are up. There is, for example, a RSS reader, which starts batch-loads for a big list of websites - just to explain, why I do not wonder about the logfile. There is much more, like over 20 Virusprotection solution, which updates every hour ... So I'll start to make a tool, which systematically answers some (all known open/free DNS in Germany) and measure the overall response. Will need some time, so. In the meantime, I am using the DNS from the ISP - anyway what may cause the problem, if I use the DNS from ISP, I never have problems at all . !!! If this would not be the case, I really would also suspect DNSMasq (indirectly), because this runs on a stonehenge old box, with really no memory free I see in my syslog, the Nagios command sometimes fail, due to not enough memory. This cannot be fixed very fast - too many thing on my list. But a new firewall machine is already on the table ... Thanks again and my best regards, Manfred [I hope, this "reply all" will not cause another thread ...] > -Original Message- > From: Albert ARIBAUD [mailto:albert.arib...@free.fr] > Sent: Tuesday, June 21, 2016 8:05 PM > To: ma...@manfbraun.de > Cc: dnsmasq-discuss@lists.thekelleys.org.uk > Subject: Re: [Dnsmasq-discuss] Logging milliseconds//Addendum > > Hi Manfred, > > Le Tue, 21 Jun 2016 17:30:13 +0200 >a écrit: > > > Hi All ! > > > > I just changed some free DNS against some other free DNS > > and now, I have more problems then bevore. Though I'll > > extend my logging thoughs: In the DNSMasq answer is not > > visible which of dns provided the answer - that makes diag > > problematic. > > Seems you started a new thread while I was answering on the previous > one. > > Short answer: I would suggest that you avoid trying "this and that" as > well as ad hoc patching", and that you follow a more systematic approach > to solving your problem, by running tcpdump on the machine which hosts > your dnsmasq. > > Also, you should really try and make other hypotheses than just your ISP > messing with DNS. For instance, have you tried to find out how much of > your uplink bandwidth you're using? Because if your uplink saturates, > then UDP packets sch as DNS requests might get dropped by your ISP's > modem. > > > Thanks anyway, > > Manfred > > Amicalement, > -- > Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Logging milliseconds
Hi ! If it comes to webbrowsing, it comes to complexity. But if I wish to analyze dns, I go to the commandline. If one has 30 instances of Firefox, you cannot control something - it is always slower, while for Chrome, due to its multiprocess design, it keeps fast. So I usually do not look at apps, I look to the network. I make direct test to dns and there is really the problem. So I present a little dnsmasq log here: Q Jun 21 13:14:46 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:14:46 dnsmasq[28673]: forwarded startpage.com to 213.73.91.35 Jun 21 13:14:46 dnsmasq[28673]: query[A] startpage.com.mbg.local from 192.168.26.9 Jun 21 13:14:46 dnsmasq[28673]: config startpage.com.mbg.local is NXDOMAIN-IPv4 Jun 21 13:14:46 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:14:46 dnsmasq[28673]: forwarded startpage.com to 213.73.91.35 Jun 21 13:14:46 dnsmasq[28673]: query[A] www.manne.eu.mbg.local from 192.168.26.254 Jun 21 13:14:46 dnsmasq[28673]: config www.manne.eu.mbg.local is NXDOMAIN-IPv4 Jun 21 13:14:51 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:14:51 dnsmasq[28673]: forwarded startpage.com to 85.214.73.63 Jun 21 13:14:51 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:14:51 dnsmasq[28673]: forwarded startpage.com to 85.214.73.63 Jun 21 13:14:56 dnsmasq[28673]: query[A] startpage.com.mbg.local from 192.168.26.9 Jun 21 13:14:56 dnsmasq[28673]: config startpage.com.mbg.local is NXDOMAIN-IPv4 Jun 21 13:14:56 dnsmasq[28673]: query[A] startpage.com.mbg.local from 192.168.26.9 Jun 21 13:14:56 dnsmasq[28673]: config startpage.com.mbg.local is NXDOMAIN-IPv4 Jun 21 13:14:56 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:14:56 dnsmasq[28673]: forwarded startpage.com to 213.73.91.35 Jun 21 13:15:01 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:15:01 dnsmasq[28673]: forwarded startpage.com to 85.214.73.63 Jun 21 13:15:01 dnsmasq[28673]: query[A] www.manfbraun.de from 192.168.26.254 Jun 21 13:15:01 dnsmasq[28673]: cached www.manfbraun.de is 84.201.92.70 Jun 21 13:15:01 dnsmasq[28673]: query[] www.manfbraun.de from 192.168.26.254 Jun 21 13:15:01 dnsmasq[28673]: forwarded www.manfbraun.de to 213.73.91.35 Jun 21 13:15:06 dnsmasq[28673]: query[A] startpage.com.mbg.local from 192.168.26.9 Jun 21 13:15:06 dnsmasq[28673]: config startpage.com.mbg.local is NXDOMAIN-IPv4 Jun 21 13:15:06 dnsmasq[28673]: query[A] startpage.com from 192.168.26.9 Jun 21 13:15:06 dnsmasq[28673]: forwarded startpage.com to 213.73.91.35 R Jun 21 13:15:06 dnsmasq[28673]: reply startpage.com is 37.0.87.19 You'll easily see, that the first request to "startpage.com" [markey by Q] is followed by several other and even to different DNS, and the first reply arrives 20 seconds (!!) later [marked by R] and you'll not know, which DNS provided the answer. Has nothing to do with other apps-delays. A good logentry would look like this: > Jun 21 13:15:06.987 dnsmasq[28673]: reply startpage.com for client-req 192.168.26.10 (at Jun 21 13:15:05.337) is 37.0.87.19 from 213.73.91.35 [made it two lines]. I have the problem for a long time now and the provider always claims to fixed it - was never true. I think, they have a random genrator to make disturbences. I just this moment entered the IPS-DSN and everyworks well. Sad, that dnsmasq is not able to provide a protocol - I'll develop something on my own. Regards, Manfred > -Original Message- > From: Albert ARIBAUD [mailto:albert.arib...@free.fr] > Sent: Tuesday, June 21, 2016 5:36 PM > To: ma...@manfbraun.de > Cc: dnsmasq-discuss@lists.thekelleys.org.uk > Subject: Re: [Dnsmasq-discuss] Logging milliseconds > > Bonjour, > > Le Tue, 21 Jun 2016 16:41:02 +0200 >a écrit: > > > Hello ! > > > > Ok, for a short moment, this might be ok. > > Why 'for a short moment'? The only limit is storage for the tcpdump > dump to file, and that's relatively dense. Even if the machine on which > you are running tcpdump does not have enough storage space, it could > always send the output over the network to e.g. your desktop or laptop > machine, which is certainly able to handle it. > > > But request/response usually > > dont follow each other directly, because there are some more of them > > "on the road". DNSMasq has already all this internally, while > > externally, one must really write a piece of tracker, which is able > > to wait for the answer of each request. Not a nice bash onliner .. ;-) > > Wireshark is able to map responses to requests; in fact, in the packet > display window, it provides clickable links to jump from one to the > other. Wireshark also computes the time elapsed between request and > response, and displays it in the response packet. And you can export > all this as text, including references between requests and responses > and their time deltas. > > Granted, if you want to do
Re: [Dnsmasq-discuss] Logging milliseconds
Hello ! Ok, for a short moment, this might be ok. But request/response usually dont follow each other directly, because there are some more of them "on the road". DNSMasq has already all this internally, while externally, one must really write a piece of tracker, which is able to wait for the answer of each request. Not a nice bash onliner .. ;-) But my question was just, if something like a format statement for the logoutput exists. It this exist (and I do not see it) then everything is already done. It's because I see huge delay for apps nearly each day. The provider declared to have the issue fixed. Sort of. The port are not longer blocked - but now, there are huge delay. The may probably have a contract with the NSA ;-) Thanks anyway, Manfred > -Original Message- > From: Albert ARIBAUD [mailto:albert.arib...@free.fr] > Sent: Monday, June 20, 2016 3:09 PM > To: ma...@manfbraun.de > Cc: dnsmasq-discuss@lists.thekelleys.org.uk > Subject: Re: [Dnsmasq-discuss] Logging milliseconds > > Hi, > > Le Mon, 20 Jun 2016 13:13:26 +0200 >a écrit: > > > Hello ! > > > > I am just facing the situation, that my dns-request needing a very > > long time, and this is wether my requesting client, nor dnsmasq. It's > > the provider trying my attempt to ignore his DNSs and use free DNSs, > > as we have several here in Germany. > > > > Its not a whole week gone, when I opened an issue about DNS blocking. > > It was that, I have enough facts - I'll not try to write whole story > > here. But at that last issue, I found me in the situation, where I > > want to analyse dnsmasq's log. > > > > I am missing [wrote about that here more then a year ago: > > DNSMASQ log output format] the relationship between a clients > > request and dnsmasq's answer to it. There can be several in > > progress ... From the log, you'll not see it. > > > > Today, due to the DNS blocking story, I want to make a stats over > > the log, but it contains only seconds in the timestamp, were I > > wished it to have milliseconds too. Is that possible ? I cannot > > find something about this. > > > > Additionally, at best, I would fetch the output, if I start the > > process by myself and pipe its output directly. Probably not > > doable for me. I would write a mini program in C# ... Another > > solution would be, to create a pipe in the filesystem and define > > it as the logfile for the dnsmasq. I have done this, at least with > > apache, it works (Apache has the charm, to be able to host > > a program und pump it's output into it - but thats easy for me). > > > > Wether or not, without milliseconds, it would be sensless. > > > > Any help, notes and hints are very welcome !! > > If you can run wireshark or even simply tcpdump on the machine that runs > dnsmasq, then you could log DNS requests and replies with accurate time > stamping. Would this be enough for you? > > > Thanks anyway, > > Amicalement, > -- > Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Logging milliseconds
Hello ! I am just facing the situation, that my dns-request needing a very long time, and this is wether my requesting client, nor dnsmasq. It's the provider trying my attempt to ignore his DNSs and use free DNSs, as we have several here in Germany. Its not a whole week gone, when I opened an issue about DNS blocking. It was that, I have enough facts - I'll not try to write whole story here. But at that last issue, I found me in the situation, where I want to analyse dnsmasq's log. I am missing [wrote about that here more then a year ago: DNSMASQ log output format] the relationship between a clients request and dnsmasq's answer to it. There can be several in progress ... From the log, you'll not see it. Today, due to the DNS blocking story, I want to make a stats over the log, but it contains only seconds in the timestamp, were I wished it to have milliseconds too. Is that possible ? I cannot find something about this. Additionally, at best, I would fetch the output, if I start the process by myself and pipe its output directly. Probably not doable for me. I would write a mini program in C# ... Another solution would be, to create a pipe in the filesystem and define it as the logfile for the dnsmasq. I have done this, at least with apache, it works (Apache has the charm, to be able to host a program und pump it's output into it - but thats easy for me). Wether or not, without milliseconds, it would be sensless. Any help, notes and hints are very welcome !! Thanks anyway, ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DNSMASQ log output format
Hello ! I am just trying to understand how my VPN and my iptables work together. In this process, I missed, that dnsmasq shows me to whom a reply or config logentry would be send - there are too many concurrently - so it looks. If dnsmasq would log the requestor address in each following line, this would be a big help. There is currently no chance to change the logformat. Just my notes. Thanks anyway and best regards, Manfred ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DNSMASQ log output format
Hello ! I am just trying to understand how my VPN and my iptables work together. In this process, I missed, that dnsmasq shows me to whom a reply or config logentry would be send - there are too many concurrently. If dnsmasq would log the requestor address in each following line, this would be a big help. There is currently no chance to change the logformat. Just my notes. Thanks anyway and best regards, Manfred ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Understanding the (g)PXE options
Hello ! I am seeing configuration entries like this: dhcp-boot=net:#gpxe,gpxe.pxe and I am asking, what the misterious net is in this line. I am working since days to make some form of network boot going, without success ... I am on the way to find out, what all the - more or less - messy instructions on this earth are try to tell me bootps, etherboot, PXE, gPXE, iPXE, Syslinux, PxeLinux [ok, frust; the latter was not the question ... ;-) ]. Thanks anyway, ++mabra ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss