Information about DNS and network

Latest Posts

Cloudflare DNS very slow in my area…Any fix?

[UPDATE] I checked with this site: https://www.dnsleaktest.com and discovered that it was using a server located in Hong Kong, despite the fact that I live in Southeast Asia. I am supposed to be connected to my home country, not Hong Kong. Any fix for that?

About a week ago, I noticed a slowdown on one of my favourite websites. My first thought is to change the DNS, so I switch to Google DNS for the duration of the session, and the site loads almost instantly.

I recently began testing with a piece of software called DNSBench. After conducting testing, I’ve discovered that Cloudflare DNS servers perform significantly worse in Uncached (103ms) and Dotcom (359ms) performance. Even more so with 1.0.0.1. According to DNSBench, OpenDNS’s DNS servers are the fastest for me.

Therefore, why did I experience a slowdown? I check this website: https://www.cloudflarestatus.com/ and see that my country is listed as “Operating.” I also live in the same state as the Cloudflare server, so I should be immune to this latency issue. Please take note that I am not an expert on DNS; my apologies.

submitted by /u/Working_Dealer_5102
[link] [comments]

Powered by WPeMatico

Viewing each step of a DNS lookup

Not sure of all the correct terminology, so apologies if I get terms wrong.

Say I want to resolve google.com using a cloudflare dns server (1.1.1.1) but via the hostname (one.one.one.one), I could use a command like

nslookup google.com one.one.one.one

My understanding is that the process would be as follows:

1) Resolve one.one.one.one

1a) Contact the . authoritative server via the hints file to find the IP for the .one authoritative server

1b) Contact the .one server to find the ip for the one.one authoritative server

1c) Repeat until it has the ip for one.one.one.one (e.g. 1.1.1.1)

2) Contact 1.1.1.1 to ask for the ip for the google.com authoritative server

3) Contact the google.com authoritative server for the www.google.com IP address

So essentially two rounds of DNS lookups

Questions

1) Is my understanding correct? I only ever see examples using an IP to specify the DNS server

2) How does this work if there are no hints files or similar available. Will it just outright fail?

3) (and this is the main thrust of the topic) Is there a built-in way to view (for interest purposes) each step happening without having to use something like wireshark, or would I need to script it manually?

thanks in advance

submitted by /u/PikachuFloorRug
[link] [comments]

Powered by WPeMatico

BIND9 does work but also doesnt?

My BIND9-DNS Server is able to resolve the zone for our domain example.com totally fine.

As soon as i try to resolve e.g. google.de , or any domain that is not handled by the DNS it returns status: REFUSED when using dig on the cllient.

When i use dig with google.de on the DNS-Server itself i get a valid answer (142.251.36.227).

The /etc/resolv.conf on the server is set to 127.0.0.1 (to itself) while the forwarders on the zone „.“ {} are set to our routers ip (192.168.178.1).

The /etc/resolv.conf of our client is set to 192.168.1.228 which is the DNS-Servers ip.

I cannot see why the server itself should be able to resolv external domains but not his clients, since he is basically a client for itself.

Also, the named.conf.options says allow-query { any; }; which should allow queries from anywhere. Firewall is disabled.

Any ideas?

submitted by /u/Gandalf1783
[link] [comments]

Powered by WPeMatico

Cannot find where my DNS is recorded

I need to enable DMARC on our emails.

We have bought our domain DomainWeBought.ca from Tucows.com.

However, the Tucows webpage –https://tucowsdomains.com/provider-result/– says this is Google:

The provider information for DomainWeBought.ca:

Registration Service Provider: Google Domains

[registrar@google.com](mailto:registrar@google.com)

+1.8772376466

My questions are:

  1. What Tucows says the domain is registered on Google Domains. Is this correct?
  2. If 1 is correct, to enable DMARC, I should do it from Google Domains. Is this correct?
  3. If 1 & 2 are correct, I should add the TXT to enable DMARC on Google Domains; however, I cannot find a way to do so. I also tried contacting Google to no avail.

Thanks in advance!

submitted by /u/Dazzling-Grade9179
[link] [comments]

Powered by WPeMatico