[Dnsmasq-discuss] Two questions about the cache and how dnsmasq forwards queries
SamLT
samuel.lethiec at intelunix.fr
Fri Feb 12 15:06:44 GMT 2010
>
> > -> Is my ISP doing something weird? Is it normal that the CNAME link is
> > expired _that_ soon?
> >
> >
>
> Imagine this: www.google.com has a time-to-live of 60s. Someone using
> your ISP looks up www.google.com and your ISPs nameservers go to
> Google's nameservers and get the record, with a time to live of 60s.
> That record stays in the ISP nameserver cache. 59 seconds later _you_
> look up www.google.com. The record is still in the cache, it had a TTL
> of 60s and was collected 59s ago, so it has 1s left to live. The
> namesevers give you the answer you want, with a TTL of 1s.
>
I see what you mean, but, I used one query for www.google.com as an
example, but every query for www.google.com that I checked had this TTL of
1s (well I see 0s diff between the reply time and the expiration date).
> For popular domains, you would expect any busy caching server to return
> TTL values evenly distributed between the TTL in the authoritative
> server and 1s. For rare domains, which probably aren't cached when you
> first look them up, the TTL will normally be the full length given by
> the authoritative server.
>
This also happen for almost every other query. Especially, every domains
that I _really_ would like dnsmasq to use its cache for seems to suffer
from this problem.
But it looks like only those CNAMEs have this TTL of 1s, the NAMEs
(eg: www.l.google.com) have a more reasonnable TTL.
Is there a way around this? I mean, for the time I'm playing with dnsmasq,
www.google.com has always been a CNAME to(/for?) www.l.google.com. This may
be hardcoded somewhere, with a script running from time to time assuring
this is still true?
> >
> > As for the second part of my original mail:
> >
> >>> -> dnsmasq is supposed to help me saving bandwidth, but when it forwards a
> >>> query, it forwards it to every nameserver (well, most of the time at
> >>> least), isn't there a way to make it forward to only one server at a time,
> >>> and to try an other one only if there was a problem (not found, server
> >>> down..)
> >>>
> >> It will normally forward to one nameserver, but every 10 seconds or
> >> 50 queries it sends to all, to find which is fastest. If you are
> >> testing and sending a test query every 10 seconds or so, then it
> >> might look like most queries go to all servers, but under load
> >> that's not true.
> >>
I cannot confirm this viewing the log. dnsmasq seems to forward to all
nameservers way too often, at least, there is neither 10 seconds nor 50
queries between two times dnsmasq forwards to all.
I'm sorry but I'm a bit lost there, if you have the time the log is
available here:
-> compressed http://sam.intelunix.fr/samlt-dnsmasq.log.bz2 (323K)
-> uncompressed http://sam.intelunix.fr/samlt-dnsmasq.log (7.7M)
Doesn't dnsmasq keep a list of forwarded queries? As I can see on the log,
it often forwards several times the same query instead of waiting for
either a reply or a given timeout.
(it forwards them several times because the same or an other client ask
dnsmasq fagain or the same query.)
Search for the string "au.download.windowsupdate.com" in the beginning of
the log to see what I'm talking about.
> >
> > Well, I can't say that's what I see.
> > I've attached a small awk script to parse the log:
> >
> > dnsmasq -dq --log-facility=/tmp/test.log
> > awk -f dns.awk test.log | less
> >
> > Here is part of the output:
> > name | nb | forwarded | answered from cache
> > * larrymovies.sexy.easyrencontre.com | 4 | 8 | 0
> > * www.google-analytics.com | 103 | 157 | 0
> > * java.KUTLUFAMILY.COM | 1 | 2 | 0
> > * cdd.linternaute.com | 2 | 4 | 0
> > DSI-555D0E365B5.sydonia | 11 | 2 | 10
> > * edb.linternaute.com | 2 | 3 | 0
> > [ .... snip .... ]
> > * www.logistiqueconseil.org | 2 | 4 | 0
> > * www.bmmetrix.com | 7 | 11 | 0
> > * news.fr.msn.com | 117 | 184 | 0
> > * dl8.freeav.net | 2 | 4 | 0
> > * www.ifurta.droit.u-3mrs.fr | 7 | 10 | 0
> > * m1.emea.2mdn.net | 12 | 20 | 0
> > * 89221e8c4a08c8f8.users.storage.live.com | 3 | 5 | 0
> > * images.logicimmo.com | 2 | 4 | 0
> >
> > total: | 20839 | 34104 | 1026
> >
> >
> > (I think it's self explanatory, but I may be wrong)
> >
> > As you can see on the last line, dnsmasq received 8824 queries, and
> > forwarded 14329. This is due to dnsmasq often forwarding the queries to
> > the two nameservers I have configured instead of just one. I could of
> > course, configure dnsmasq to only forward to one nameserver, but it isn't a
> > solution.
> >
> >
> > Am I doing something wrong? I'm using dnsmasq-2.52-1 on a debian testing system.
> >
> >
>
> The "answered from cache" numbers seem to be very low. Could you look at
> the logs and try and get a better idea of exactly what's happening? Do
> you clients have their own caches? If so that would obviously
> dramatically reduce the cache hit-rate.
There was a typo in awk script for the total sum of the queries "answered from
cache", the output is fixed above, but it's still very low. I think that's
mainly because of the first problem (TTL of 1s).
The clients are just windows computer with nothing fancy, so if there is no
cache in a default windows (XP) OS, then they don't have any cache.
By looking at the log, it doesn't look like they have any sort of dns
caching done anyway.
>
>
> Cheers,
>
Thanks for your help so far
> Simon.
>
sam
-------------- next part --------------
( $4 ~ /dnsmasq\[[0-9]+\]:/ ) {
if ( $5 == "query[A]") {
query[$6]++;
} else {
if ( $5 == "forwarded" )
forwarded[$6]++;
else
if ( $5 == "cached" )
cached[$6]++;
}
}
END {
queries=0;
qforwarded=0
qacache=0
printf " %40s | nb | forwarded | answered from cache \n", "name";
for (name in query) {
printf "%s%40s | %9d | %9d | %9d\n", \
( forwarded[name] > query[name] ? "*" : " "), \
name, \
query[name], \
forwarded[name], \
cached[name];
queries += query[name];
qforwarded += forwarded[name];
qacache += cached[name];
}
print "";
printf " %40s | %9d | %9d | %9d\n", "total:", queries, qforwarded, qacache;
}
More information about the Dnsmasq-discuss
mailing list