[Dnsmasq-discuss] dnmasq slow for local network

Kiswono Prayogo kiswono at gmail.com
Wed Nov 4 04:47:34 GMT 2009


Hi, i use dnsmasq for resolving my local network address,
here's my /etc/hosts file (real ip and domain name changed to fake):
## cat /etc/hosts
127.0.0.1 genesis
127.0.0.1       localhost
1.1.1.1 dns00.mysecretdomain.ac.id           dns00
1.1.1.1 dns.mysecretdomain.ac.id             dns
1.1.1.1 mail.mysecretdomain.ac.id           proxy
. . .
#20 more server hosts
. . .
#and 15000 more advertisement-blocking hosts that redirected ti 1.1.1.1

# cat /etc/dnsmasq.conf | egrep -a -v '^[[:space:]]*#' $1 | egrep -a
'[[:print:]]'
cache-size=1024
bogus-nxdomain=1.1.1.1
conf-file=/etc/kyz/hosts/block
conf-file=/etc/kyz/hosts/mail

## cat /etc/resolv.conf | egrep -a -v '^[[:space:]]*#' $1 | egrep -a
'[[:print:]]'
search mysecretdomain.ac.id
nameserver 208.67.222.222 # opendns
nameserver 208.67.220.220 # opendns
nameserver 1.1.1.4 # dns4
nameserver 1.1.1.3 # dns3
nameserver 1.1.1.2 # dns2

all my client dns request was redirected to 1.1.1.1
## cat /etc/network/if-up.d/custom
#some iptables clearing rules
. . .
real1 = 1.1.1.1
reals = 1.1.1.1/28
wifis = 10.0.0.0/8
staff = 192.168.0.0/16
iptables -A PREROUTING -t nat -p TCP -s $wifis -d ! $reals --dport 53 -j
DNAT --to $real1:53
iptables -A PREROUTING -t nat -p UDP -s $wifis -d ! $reals --dport 53 -j
DNAT --to $real1:53
iptables -A PREROUTING -t nat -p TCP -s $staff -d ! $reals --dport 53 -j
DNAT --to $real1:53
iptables -A PREROUTING -t nat -p UDP -s $staff -d ! $reals --dport 53 -j
DNAT --to $real1:53
. . .
#some default rules

and the interface of the gateway server are: eth0 = 192.168.1.1, eth1 =
1.1.1.1
all clients dns configuration was set to 192.168.1.1.
and if i open for example dns00.mysecretdomain.ac.id, it always lag for 3-25
seconds (and showing "Resolving host..." on Chromium or "Looking
up dns00.mysecretdomain.ac.id...") before it show the web.. and it does not
happened for non local web..
i wonder where is the lag problem source?

Regards,
Kiswono
GB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20091104/3718f9dd/attachment.htm 


More information about the Dnsmasq-discuss mailing list