Tag Archives: dns

DNS resolver changes in Ubuntu Precise (12.04)

One of the first things that irked me after my Precise installation was how DNS suddenly seemed slow. I normally use dnscache for local DNS caching and while setting it up this time, I noticed that oddly, 127.0.0.1 was already set up as my name server. Netstat told me that this was handled by DNSMasq for some reason. No worries, I thought, and I set up dnscache on 127.0.0.2 instead. I added the IP to the prepend nameserver option in /etc/dhcp/dhclient.conf and clicked on the NetworkManager applet to reconnect to my wireless (to trigger DHCP again).

Nothing happened. /etc/resolv.conf continued to have the mysterious 127.0.0.1 as usual. Something had changed and I started looking for answers on the web. I found a very detailed explanation for the DNS resolving changes in Precise 12.04 in this blog post by Stéphane Graber. Apparently, /etc/resolv.conf is not just completely “taken over” by resolvconf, but by NetworkManager as well. There are some good reasons for this, but for my personal requirements, I can ignore those reasons right now. I like to have a say in the DNS server configuration on my system, and there doesn’t seem to be a good way to preferentially use my DNS servers. On top of this, the default DNS configuration on Precise is a non-caching one (for otherwise valid security reasons). Uh huh. NO. dnscache rules. It’s simple and to the point.

An additional look at this post by Mikhail Esteves, along with some trial and error, got me an easy solution.

It turns out that NetworkManager (NM) doesn’t care about any DNS-based configuration in /etc/dhcp/dhclient.conf as long as /etc/NetworkManager/NetworkManager.conf has a line saying dns=dnsmasq.

To fix all this, follow the steps below and the system will behave as it did before Precise. To summarize:

  1. Comment out the line dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf
  2. Restart NetworkManager (sudo restart network-manager)
  3. 127.0.0.1 is now free to be used by dnscache. Configure dnscache to use this if you had modified the listening IP earlier
  4. Put your preferential DNS servers in /etc/dhcp/dhclient.conf using the line prepend domain-name-servers 127.0.0.1;, and they will be added at the top of the name servers in /etc/resolv.conf
  5. Reconnect to your network link to trigger DHCP and you are ready to go!
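
An added example (not from the original post) that makes steps 1 and 4 repeatable and checks the result of step 5. The function names are hypothetical, and the file paths are passed as arguments so the functions can be run on copies of the files first.

```shell
#!/bin/sh
# Added example, not the author's code. Function names are hypothetical.

# Step 1: comment out an active "dns=dnsmasq" line in NetworkManager.conf.
# Does nothing if the line is absent or already commented out.
disable_nm_dnsmasq() {
    conf=$1
    pat='[[:space:]]*dns[[:space:]]*=[[:space:]]*dnsmasq[[:space:]]*'
    grep -Eq "^$pat\$" "$conf" || return 0
    cp -p "$conf" "$conf.bak"                 # keep a backup of the original
    sed -E "s/^($pat)\$/#\\1/" "$conf.bak" > "$conf"
}

# Step 4: make sure dhclient.conf has an active prepend line for the cache.
# A commented-out "#prepend ..." line (as shipped by default) does not count.
ensure_prepend() {
    conf=$1
    ip=${2:-127.0.0.1}
    ip_re=$(printf '%s' "$ip" | sed 's/\./\\./g')   # escape dots for grep
    grep -Eq "^[[:space:]]*prepend[[:space:]]+domain-name-servers[[:space:]]+$ip_re;" "$conf" \
        && return 0
    cp -p "$conf" "$conf.bak"
    printf 'prepend domain-name-servers %s;\n' "$ip" >> "$conf"
}

# Step 5 check: print the first nameserver listed in a resolv.conf file,
# which is the one the resolver queries first.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Succeeds only if the local cache address is the first nameserver.
local_cache_is_first() {
    [ "$(first_nameserver "$1")" = "${2:-127.0.0.1}" ]
}
```

Against the real files, run the first two functions as root on /etc/NetworkManager/NetworkManager.conf and /etc/dhcp/dhclient.conf, restart NetworkManager as in step 2, reconnect, and then run local_cache_is_first /etc/resolv.conf.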

Ok, I must confess, all this didn’t really make DNS resolution on my system much faster :) – turns out my stupid ISP Airtel was responsible for most of it (I am currently FUP-ed right now, and the network is really weird in this state).

Quick local DNS caching for your workstation in Ubuntu

The latest Ubuntu releases make it really easy to set up a local DNS cache for your workstation using dnscache from the well-known djbdns software by D. J. Bernstein.

For those who have historically installed djbdns/ucspi-tcp/daemontools from source because of distribution restrictions, things changed really for the better after DJB placed all this software in the public domain in 2007. You can now set up all this in about one minute! (depending on your Internet connection though. :-P )

To set up a local DNS cache in Ubuntu (specifically, 10.04 Lucid Lynx on which I tried this), right now you need to do:

  1. Install the necessary packages:

    sudo apt-get install daemontools daemontools-run djbdns dnscache-run ucspi-tcp

    This installs all the necessary packages using Debian’s filesystem layout (not DJB’s). So all services are symlinked in /etc/service (and not in /service). dnscache files are supposed to be accessed in /etc/dnscache, and are already configured to use the root servers.
  2. Start daemontools: The daemontools scripts (actually just svscan) are set up in Ubuntu to be run using upstart and not /etc/inittab. So all you need to do now is run:
    sudo start svscan
  3. Making the computer use the local cache permanently. The install scripts actually replace your DNS servers in /etc/resolv.conf with the loopback address on which dnscache runs. So you would have already started using the DNS cache. However, if you are using DHCP with NetworkManager, these changes will be overwritten the next time NetworkManager modifies resolv.conf, e.g. when the lease is renewed or you plug in a DHCP interface again. To make this permanent, edit /etc/dhcp3/dhclient.conf, and uncomment/add a line saying prepend domain-name-servers 127.0.0.1;. Disconnect and connect to your DHCP interface again, and see the loopback address (127.0.0.1) being added at the top of the name servers in /etc/resolv.conf.
    That is it.

As usual, here are the other commands that you would be doing to manage dnscache. Read the docs for more details.

  • View dnscache logs:
    tail -F /etc/dnscache/log/main/current | tai64nlocal
  • Start dnscache: svc -u /etc/service/dnscache
  • Stop dnscache: svc -d /etc/service/dnscache
  • Restart dnscache: svc -t /etc/service/dnscache
  • Edit root servers: Edit /etc/dnscache/root/servers/@

Akamai awesomeness and Opendns lameness

Akamai footprint awesomeness.

My IP address.

sandipb@pluto:~$ wget -O - -q http://www.whatismyip.com/automation/n09230945.asp;echo
122.167.0.79
sandipb@pluto:~$ host 122.167.0.79
79.0.167.122.in-addr.arpa domain name pointer ABTS-KK-Dynamic-079.0.167.122.airtelbroadband.in.

Akamai CDN for downloading Adobe AIR.

sandipb@pluto:~$ host airdownload.adobe.com
airdownload.adobe.com is an alias for airdownload.wip3.adobe.com.
airdownload.wip3.adobe.com is an alias for airdownload.adobe.com.edgesuite.net.
airdownload.adobe.com.edgesuite.net is an alias for a1396.g.akamai.net.
a1396.g.akamai.net has address 203.101.62.10
a1396.g.akamai.net has address 203.101.62.11
sandipb@pluto:~$ host 203.101.62.10
10.62.101.203.in-addr.arpa domain name pointer dsl-KK-static-010.62.101.203.airtelbroadband.in.

I am downloading from a server co-located at my ISP. Industry standard in US, but I feel really great for this to be happening in India. :)

Imagine. Download server in India, three hops, 25 ms away!

sandipb@pluto:~$ mtr -i 10 203.101.62.10
                              My traceroute  [v0.73]
pluto (0.0.0.0)                                      Thu Apr 23 01:41:38 2009
                                                       Packets               Pings
Host                                                 Loss%  Snt  Last   Avg  Best  Wrst StDev
1. 192.168.1.1                                        0.0%    1   1.1   1.1   1.1   1.1   0.0
2. ABTS-KK-Dynamic-001.0.167.122.airtelbroadband.in   0.0%    1  25.4  25.4  25.4  25.4   0.0
3. ABTS-KK-Static-173.32.166.122.airtelbroadband.in   0.0%    1  24.9  24.9  24.9  24.9   0.0
4. ABTS-KK-static-008.32.144.59.airtelbroadband.in    0.0%    1  39.0  39.0  39.0  39.0   0.0
5. dsl-KK-static-010.62.101.203.airtelbroadband.in    0.0%    1  25.0  25.0  25.0  25.0   0.0

Lesson learnt: OpenDNS hurts all this goodness

Thank goodness, I moved off opendns today. This is what opendns was giving me all this past year that I was using it.

sandipb@pluto:~$ dig @208.67.222.222 airdownload.adobe.com
...
;; ANSWER SECTION:
airdownload.adobe.com. 85521 IN CNAME airdownload.wip3.adobe.com.
airdownload.wip3.adobe.com. 218 IN CNAME airdownload.adobe.com.edgesuite.net.
airdownload.adobe.com.edgesuite.net. 20721 IN CNAME a1396.g.akamai.net.
a1396.g.akamai.net. 20 IN A 204.2.160.24
a1396.g.akamai.net. 20 IN A 204.2.160.34



sandipb@pluto:~$ host 204.2.160.24
24.160.2.204.in-addr.arpa domain name pointer a204-2-160-24.deploy.akamaitechnologies.com.
sandipb@pluto:~$ ping -c 1 204.2.160.24
PING 204.2.160.24 (204.2.160.24) 56(84) bytes of data.
64 bytes from 204.2.160.24: icmp_seq=1 ttl=54 time=259 ms

A download server 260 ms and 11 hops away in the US.

Using OpenDNS is breaking anything which uses a CDN. Now I have used OpenDNS for a while and it is nice at its work. But believe me, we spend more time downloading videos and text than querying DNS, and if you have a DNS cache at home (like djbdns) or even your ISP’s DNS, it works just as well.