From owner-freebsd-questions@FreeBSD.ORG Fri Jan 5 22:24:09 2007 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8766E16A407 for ; Fri, 5 Jan 2007 22:24:09 +0000 (UTC) (envelope-from bobmc@bobmc.net) Received: from smtp-out.fcibroadband.com (smtp-out.fcibroadband.com [64.119.104.17]) by mx1.freebsd.org (Postfix) with ESMTP id 4EF8513C442 for ; Fri, 5 Jan 2007 22:24:09 +0000 (UTC) (envelope-from bobmc@bobmc.net) Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp-in1.fcibroadband.com (Postfix) with ESMTP id C02F11B1A88 for ; Fri, 5 Jan 2007 17:24:08 -0500 (EST) Received: from smtp-out1 ([127.0.0.1]) by localhost (smtp-out1 [127.0.0.1]) (amavisd-new, port 10025) with SMTP id 18648-07 for ; Fri, 5 Jan 2007 17:24:03 -0500 (EST) Received: from [192.168.1.100] (unknown [209.104.171.81]) by smtp-out.fcibroadband.com (Postfix) with ESMTP id D5B911B1768 for ; Fri, 5 Jan 2007 17:24:02 -0500 (EST) Message-ID: <459ED002.2080406@bobmc.net> Date: Fri, 05 Jan 2007 17:24:02 -0500 From: bobmc User-Agent: Thunderbird 1.5.0.4 (X11/20060615) MIME-Version: 1.0 To: questions@freebsd.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Subject: Re: network tuning and performance troubleshooting X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2007 22:24:09 -0000 Ian Smith wrote: > > Message: 18 > > Date: Thu, 04 Jan 2007 18:05:27 -0500 > > From: Bob McIsaac > > > Doug Hardie wrote: > > > > > > On Jan 3, 2007, at 22:57, Bob McIsaac wrote: > > > > > >> Problem: Browser status 'looking up address' for 10 seconds for any > > >> web page clicked. Slashdot takes almost a minute to load. But FTP > > >> performance is good and running a shoutcast stream is no problem. > > >> Sending mail via my ISP is slow. > > >> > > >> Investigation: - "sysctl -a | grep net | less" shows a ton of > > >> variables > > >> with values assigned. Ping of nameserver assigned by dhcp takes 0.5ms. > > >> Ping of freebsd.org = 90ms. Nothing obvious in loader.conf or > > >> rc.conf (defaults). /var/log/messages has only startup info. > > >> > > >> Question: - How to solve this thorny performance problem? -Bob- > > > > > > You might want to run tcpdump and monitor one of those slow loads. > > > Include the timestamp in the output and see what it is doing during > > > that time. I would tend to suspect DNS timeouts. > > > > > > > > tcpdump confirms there is a ten second delay as seen on the browser. > > 1. there are some UDP packets to/from the nameserver. > > 2. nothing happens for ten seconds > > 3. now there is a TCP connection > > > > tcpdump: listening on vr0, link-type EN10MB (Ethernet), > > > > 17:34:07.537419 proto: UDP (17) > > 192.168.1.102.53032 > 192.168.1.254.domain: > > 45959+ A? www.google.ca. (31) > > You ask 192.168.1.254 - presumably your gateway, and/or internal DNS > server? - for www.google.ca's IPv4 address. > > > 17:34:07.545218 IP proto: UDP (17) > > 192.168.1.254.domain > 192.168.1.102.53032: > > 45959 6/7/4 www.google.ca. CNAME[|domain] > > It's a CNAME. Not sure if you got the right IP address there, though > from the later (after delay) connect to google.com, I suppose so .. > > > 17:34:07.545500 IP proto: UDP (17) > > 192.168.1.102.64463 > 192.168.1.254.domain: > > 45960+ AAAA? www.google.ca. (31) > > Then you ask for www.google.ca's IPv6 address. Do you really want that? > You get no response on that, but maybe you're prepared to wait for it, > ie are you somehow relying on getting an IPv6 address, and if so, why? > > > 17:34:07.868410 IP proto: UDP (17) > > 192.168.1.102.61375 > 192.168.1.254.domain: > > 48085+ PTR? 254.1.168.192.in-addr.arpa. (44) > > You then ask for your gateway's IP address, by name. Hmm. But you get > no response to that query. Looks like you're about to wait for one .. > ~4.6 seconds later you're still waiting, and you ask again .. > > > 17:34:12.545947 IP proto: UDP (17) > > 192.168.1.102.54649 > 192.168.1.254.domain: > > 45960+ AAAA? www.google.ca. (31) > > .. for that IPv6 address, and then you ask again .. > > > 17:34:12.868866 IP proto: UDP (17) > > 192.168.1.102.55840 > 192.168.1.254.domain: > > 48085+ PTR? 254.1.168.192.in-addr.arpa. (44) > > .. for your gateway's IP address from its name. No answer. > > > <<<<<<<< nothing happens for 10 seconds?? >>>>>>>>>>>> > > .. and then you appear to contact google.com successfully. > > > 17:34:22.546051 > > (tos 0x0, ttl 64, id 226, offset 0, flags [DF], > > proto: TCP (6), length: 64) > > 192.168.1.102.52363 > qb-in-f147.google.com.http: S, > > cksum 0x3aa5 (correct), > > 1762925400:1762925400(0) win 65535 > nop,wscale 1, > > nop,nop,timestamp 1758025 0,sackOK,eol> > > Are you obliged to use 192.168.1.254 for DNS? The AAAA queries aside > (which it should quickly NAK if it doesn't handle them), it seems broken > if it can't resolve it's own reverse DNS? Can you use your upstream > provider's DNS server/s instead (ie in resolv.conf)? Is your IP fixed > or DHCP-assigned? If the latter, with or without auto DNS assignment? > > Cheers, Ian > >>Are you obliged to use 192.168.1.254 for DNS? ....... This is the address from my ISP placed in /etc/resolv.conf during DHCP >>.. for that IPv6 address, and then you ask again .. >> 17:34:12.868866 IP proto: UDP (17) >> 192.168.1.102.55840 > 192.168.1.254.domain: >> 48085+ PTR? 254.1.168.192.in-addr.arpa. (44) >>.. for your gateway's IP address from its name. No answer. I did not select IPv6 during FreeBSD install and /etc/defaults/rc.conf defaults to off. According to the notes in /etc/hosts.allow, reverse lookup is done to mitigate hacker tricks. Thanks for the details. Is it possible that this is some kind of silent hardware-driver issue that confuses the system APIs? -Bob-