Recently I have been having real issues with DNS lookups – with browsers, Chrome especially, giving DNS lookup errors on a frequent but intermittent basis and web browsing, particularly to new sites, being sloooowwwww.
My choice of DNS servers was the obvious culprit, so I downloaded the DNS checking tools from GMC and Google and tried those, but if anything it made it worse. The bottom line was DNS lookups (which are based on UDP) were being dropped somewhere (and I suspected my router), and it didn’t seem to matter which DNS servers I used. If I tried NSLOOKUP over TCP rather than UDP, it worked reliably and almost instantaneously, but over UDP it was unreliable and slow.
Rebooting the broadband router helped for a short while, but the problem came back and I couldn’t work out whether this was due to general internet traffic, my own other traffic, the router or something else entirely. The bottom line was sometimes it was reliable and sometimes it wasn’t.
In the end, I decided to look at how Windows uses DNS and came up with a solution which not only gives me reliable DNS lookups, but has given me the fastest web browsing I have ever had.
According to TechNet, Windows first tries your primary DNS on your primary network card, then your next DNS server on all network cards in parallel (but most people only have one card anyway), then the next DNS server on all network cards, then all DNS servers on all network cards. The default is 1 1 2 4 4 0, so it takes 4 seconds to query the first 3 servers, and then a further 8 seconds to timeout completely.
The key things in my mind were:
a. I am on broadband, so if packets are not being dropped then I should easily get a response in far less than a second.
b. If the network is acting reliably, then I should get a DNS response from the first server tried, but if the network is dropping packets for any reason, then I want to send out DNS requests in parallel as quickly as possible to enough DNS servers that one request and response will get through. DNS requests and responses are not large, so the bandwidth required for parallel requests would not be excessive.
My solution was as follows:
1. Set DNS Negative Caching TTL to zero – so any negative responses are not cached and Windows will try again (with a different DNS server) next time.
HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl = DWORD:0
2. Set the DNS wait times to 1 1 1 10 10 0:
HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DNSQueryTimeouts = MULTI_SZ:1 1 1 10 10 0
I wanted the total DNS timeout to be 20s-30s, and thought it unlikely that a DNS query would take more than 10s, so allowed a retry in case of a full network glitch and used 1 1 1 10 10 0 rather than 1 1 1 10 0.
3. Set the list of DNS servers as follows:
a. My own ISP’s DNS servers – closest so should be quickest.
b. Google’s public DNS servers
c. A few other public DNS servers
d. My broadband router’s DNS proxy.
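The three steps above as one PowerShell script, added here as an example and not part of the original post; run it from an elevated prompt. The interface alias, the ISP and "other public" resolver addresses and the router address are assumptions (placeholders), so replace them with your own.

```powershell
# Added example: applies the registry settings and resolver order described
# in the post. Interface alias and placeholder addresses are assumptions.
$params = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'

# Step 1: do not cache negative answers, so the next lookup is retried
# (against the next server in the list) instead of returning a cached failure.
Set-ItemProperty -Path $params -Name 'MaxNegativeCacheTtl' -Value 0 -Type DWord

# Step 2: per-attempt timeouts in seconds, terminated by 0
# (the post's "1 1 1 10 10 0" schedule, 23 s worst case before giving up).
Set-ItemProperty -Path $params -Name 'DNSQueryTimeouts' `
    -Value @('1', '1', '1', '10', '10', '0') -Type MultiString

# Step 3: resolver order: ISP first (nearest), Google public DNS, other
# public resolvers, and the router's DNS proxy last.
$servers = @(
    '203.0.113.53',        # ISP resolver (placeholder, documentation range)
    '8.8.8.8', '8.8.4.4',  # Google public DNS
    '198.51.100.53',       # another public resolver (placeholder)
    '192.168.1.1'          # broadband router's DNS proxy (assumed LAN address)
)
Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses $servers

# The DNS Client service reads the registry values when it starts, so reboot
# before trusting any timing measurement. Flush the cache so the check below
# really goes out to the network.
Clear-DnsClientCache

# Check 1: time an uncached lookup; on a healthy link this is well under 1 s.
$t = Measure-Command { Resolve-DnsName -Name 'example.com' -DnsOnly -ErrorAction Stop }
'Uncached lookup took {0} ms' -f [int]$t.TotalMilliseconds

# Check 2: how long cached entries live, bucketed the way the P.S. describes
# (<60 s, <5 min, <30 min), to see why the cache stays small.
Get-DnsClientCache |
    Group-Object {
        if ($_.TimeToLive -lt 60) { '<1m' }
        elseif ($_.TimeToLive -lt 300) { '<5m' }
        elseif ($_.TimeToLive -lt 1800) { '<30m' }
        else { '>=30m' }
    } |
    Select-Object Name, Count
```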
Since I did this, my browsing has been rock solid and FAST!!
Hope this helps anyone else with a similar problem.
P.S. Obviously the fastest way to resolve a DNS lookup is from the cache, and I want to increase the cache effectiveness. I don’t seem to have many entries in the cache (30-40), the reason being that the TTLs are quite short. Some DNS entries have a very short TTL <60s with most <5m and all <30m. If anyone has any ideas on how to improve the time DNS entries spend in the cache, that would be welcome.